Oh sorry - they were using the specific check for the Symantec Endpoint
11.x:
Listed in the report as:
av_defn_SymantecEndpointProtection_11_x
However it should work with the av_def_Norton_ANY as well (so selecting
ANY under Norton when creating the rule).
Nate
Hennessey, Sean wrote:
> I get that, I was just wondering which rule/req was supposed to be used
> to check for it in the first place. I suppose I'm directing this to the
> person it is working for... :) Sorry. Is the generic SAVCE rule the one
> that is supposed to find it?
>
> - Sean
>
> ----
>
> Sean Hennessey
>
> Networking and Information Security Systems Administrator
>
> The University of Portland
>
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Nathaniel Austin
> Sent: Wednesday, October 22, 2008 2:50 PM
> To: [log in to unmask]
> Subject: Re: Symantec End Point Protection v11
>
> Its the agent actually not detecting it properly, so the rule/req
> wouldn't matter (in this specific instance).
>