AntiVirus

In the Antivirus page, you can turn on an Antivirus application.

To define the Antivirus health class:

1. Navigate to Configuration > Posture > Posture Policies, then click Add.
2. From the Add Posture Policies page, select the Posture Plugins tab.
3. Select the ClearPass Windows Universal System Health Validator, then click Configure.
4. Select the Windows operating system, then check the Enable checks for Windows_OS.
5. Select Antivirus.

The Antivirus health class configuration page opens:

Figure 1: Antivirus Page: Enabling Antivirus application

6. Click An antivirus application is on to configure the Antivirus application information.

When enabled, the Antivirus detail page opens.

Figure 2: Antivirus Page: Remediation Checks

7. To specify product and version-check information, click Add.

Figure 3: Antivirus Check Configuration Dialog

8. Specify the Antivirus health class parameters as described in the following table:
Table 1: Antivirus Health Class Parameters

Parameter

Action/Description

An Antivirus Application is On

Click Antivirus application is on to enable testing of health data for configured Antivirus application(s).

Auto Remediation

Check the Auto Remediation check box to enable auto remediation of anti-virus status. This option is enabled by default.

User Notification

Check the User Notification check box to enable user notification of policy violation of anti-virus status. This option is enabled by default.

Display Update URL

Check the Display Update URL check box to show the origination URL of the update. This option is disabled by default.

Product-

specific checks

To configure for product-specific checks, leave the check box checked (the default setting).

To allow any Antivirus product, uncheck the check box.

All of these checks may not be available for some products. Where checks are not available, they are shown in disabled state..

Select the antivirus product

Select an antivirus product from the drop-down list.

Product version check

Select one of the following options:

No Check
Is Latest: Requires registration with ClearPass portal.
In Last N Updates: Requires registration with ClearPass Portal.

Datafile version check

Select one of the following options:

No Check
Is Latest: Requires registration with ClearPass portal.
In Last N Updates: Requires registration with ClearPass Portal.

Engine version check

NOTE: The Engine Version Check option is removed from the Antivirus health class in ClearPass Posture Policy configuration for plugin version 2.0 (SDK V4) for both Windows and Mac OS.

When using plugin version 1.0 (SDK V3), select one of the following options:

No Check
Is Latest: Requires registration with ClearPass portal.
In Last N Updates: Requires registration with ClearPass Portal.

Data file has been updated in

Enter the number, then specify the interval in hours, days, weeks, or months.

Last scan has been done before

Enter the number, then specify the interval in hours, days, weeks, or months.

Real-time Protection Status Check

No Check: ClearPass does not use Real-time Protection status value for health evaluation. This means that the client is treated as healthy irrespective of the value of RTP.
On: Marked as healthy only if the value of Real-time Protection status is On.

After you save your Antivirus configuration, it is listed on the Antivirus page.

Figure 4: Antivirus Check Configured