eTrust Antivirus Attributes

eTrust Antivirus Attributes

Cisco has defined eight standard NAC attributes for anti-virus applications. The eTrust Agent for Cisco NAC supports the reporting of these eight anti-virus attributes to the Cisco Secure ACS NAC database as follows:

Software-Name

The product name: eTrust Antivirus

Software-ID

The product ID as defined by Computer Associates: 1

Version

The product version number, as displayed in the eTrust Antivirus Version

Information dialog

Scan-Engine-Version

The version of the currently active Realtime scan engine, as displayed in the

Details for area of the eTrust Antivirus Version Information dialog

DAT-Version

The signature version of the currently active Realtime scan engine, as displayed in the Engine Information area of the eTrust Antivirus Version Information dialog

DAT-Date

The date and time the currently active Realtime scan engine was last updated, as displayed in the Engine Information area of the eTrust Antivirus Version Information dialog

Note: The Last Update date/time provides a more accurate representation of the device’s posture than the Build Date of the virus signatures.

Protection-Enabled

Current status of Realtime Monitor: 1 if enabled, 0 if disabled

Action

A hexadecimal string that represents how infected files are treated by the Realtime scanner:

00000000 – Report only

00000001 – Cure

00000002 – Rename

00000003 – Delete

00000004 – Move

14 Installation Guide

Page 14
Image 14
Cisco Systems G01028-1E manual ETrust Antivirus Attributes, Scan-Engine-Version