This is assuming 3.2.13 or higher
Page is
Clean Access -> Certified Devices ->Certified List (Default page when
you click on Clean Access)
If you clear this list (using the Clear All Button) All people will be
logged out, and forced to recertify. That's the manual process.
If you look on the 2nd level menu, there is an option marked "Timer"
Enable the certified device list timer
And give it a time and a number of days.
We clear ours Every Sunday at 3am. (Set it to clear next Sunday at 3am,
and then every 7 days) That's the time that our students have told us
is the most convenient for them, 3am.
> -----Original Message-----
> From: Perfigo SecureSmart and CleanMachines Discussion List
> [mailto:[log in to unmask]] On Behalf Of ken whittaker
> Sent: Thursday, July 28, 2005 8:05 AM
> To: [log in to unmask]
> Subject: Re: Clean Access Test Results
>
> How would one go about de-certifying in bulk. This is
> something that
> we want to be able to do , we just had CCA installed and one
> of our questions to the installer was how to log the users
> off in bulk at a certain time.. He said that there was no
> mechanism to do that. So I'm most curious how your doing this ...
>
> ken ---
>
> Ken Whittaker
> Network Manager
> Information Technology Group
>
> Keene State College
> 229 Main St
> Keene NH, 03435
>
> Voice: 603.358.2537
> Fax: 603.358.2780
>
> E-Mail: [log in to unmask]
>
>
> > From: "Flagg, Martin D." <[log in to unmask]>
> > Reply-To: Perfigo SecureSmart and CleanMachines Discussion List
> > <[log in to unmask]>
> > Date: Wed, 27 Jul 2005 11:55:53 -0400
> > To: <[log in to unmask]>
> > Subject: Re: Clean Access Test Results
> >
> > We have thought about changing the heartbeat session timer set to
> > 16-24 hours so that users are not kicked if they turn off
> the computer
> > overnight. We have a student environmental action group on campus
> > that has successfully convinced students to turn their
> computers off
> > when they are not being used. We are planning on de-certifying all
> > machines at 4:00 am Monday morning, every week. Any
> comments or suggestions?
> >
> >
> > Martin D. Flagg
> > Network Engineer/Administrator
> > Hiram College
> > PH: 330-569-5376
> > FAX: 330-569-5462
> > email: [log in to unmask]
> > -
> > If you lend someone $20,
> > and never see that person again,
> > it was probably worth it.
> >
> >
> >
> >
> >
> > -----Original Message-----
> > From: Perfigo SecureSmart and CleanMachines Discussion List
> > [mailto:[log in to unmask]] On Behalf Of Homer Manila
> > Sent: Wednesday, July 27, 2005 11:27 AM
> > To: [log in to unmask]
> > Subject: Re: Clean Access Test Results
> >
> > Oh, forgot to mention: We have the heartbeat session timer set to 2
> > hours, which should force users to login again, if their
> machines have
> > been off that long. Also, we are still deciding if we will force
> > re-certification at some more frequent regular interval
> like 1-3 weeks
> > at a time, to force scanning of machines running the agent
> that aren't
> > being made to log-in as much. One of the timeouts is decertifying
> > people, according to our graphs, wish I knew which one!
> >
> > Also in regards to dhcp lease times: if it still renews to the same
> > ip, they still won't be forced to log in. So, disregard what I said
> > earlier
> > :)
> >
> > --Homer Manila
> > Network Security Administrator
> > Office of Information Technology
> > American University
> >
> > Homer Manila wrote:
> >> Changing network/internet access from having no requirements to CA
> >> can
> >
> >> be frustrating to the students. Telling them that implementing it
> >> will
> >
> >> make their machine more secure and the network happy
> sometimes isn't
> >> enough. It helped that we had numbers to back up our decision to
> >> implement CA: Last year alone, we had over 1200 virus tickets that
> >> resulted in a loss of over $100k in man-hours and downtime. Those
> >> are
> >
> >> good numbers to give budget/funding too, if you have it.
> >>
> >> I would also suggest increasing your temporary access time to at
> >> least
> >
> >> 2 hours, which is what we did, to facilitate some of the longer
> >> downloads(sp2). Increasing your session timeout might be a
> good thing
> >> too; we actually don't have a timeout set for our users. Since CA
> >> will make you log in after the mac-address to ip-address combo is
> >> void(dhcp lease time has expired and the user receives a
> new ip, user
> >> moves to another subnet, etc), it will make the user
> sign-on again.
> >> If
> >
> >> your dhcp lease times are set higher, the user will keep their ip
> >> address longer, and have to sign-on less. Plus, we plan
> on forcing
> >> re-certification after every year or semester is over.
> >>
> >> --Homer Manila
> >> Network Security Administrator
> >> Office of Information Technology
> >> American University
> >>
> >>
> >> Sean Ward wrote:
> >>
> >>> We (Bowling Green State University) recently performed a
> very small
> >>> test of Clean Access/Perfigo in a residence hall where we
> have about
> >>> 20 students living because of conferences and the like.
> Of the 20,
> >>> about 14 had computers that connected, of which 10 filled out a
> >>> survey on our website.
> >>>
> >>> Included below are the responses we received. For those
> of you who
> >>> have been testing or have finished testing Clean Access,
> what type
> >>> of
> >
> >>> response did you get from the students? Were they
> similar to ours?
> >>> In what ways did you convince those in charge of the
> budget/funding
> >>> that it was worth the cost?
> >>>
> >>> In an occurrence that could only be defined as "awesome", the
> >>> instructions document is corrupted, so I cannot attach,
> include, or
> >>> link to it until I take time to recreate it.
> >>>
> >>> Any and all responses would be appreciated.
> >>>
> >>> Thanks,
> >>> Sean
> >>>
> >>> Did you have any issues with the documentation? If so, what were
> > they?
> >>>
> >>> * When trying to download clean access it kept comping
> up with a
> >>> message that said you must open excutiable file something,
> >>> something, something?? and I had no clue what it was talking
> >>> about, so I played around and finally figured it
> out. That was
> >>> confusing at first and somewhat frustrating
> >>> * I guess my default settings were making it difficult to
> > configure
> >>> the software
> >>> * Some of the windows that popped up, such as the temporary
> >>> connection to the network, were not in the manual so I had to
> >>> click on what I thought was right.
> >>> * I tried to get it to loadfor 3 hours with no luck.
> Finally RCC
> > had
> >>> to come and install a new web browser. Now it works
> just fine.
> >>> * The documentation was fine.
> >>> * I had no problem installing the software and getting
> back on the
> >>> network. The instructions were thorough and I appreciated the
> >>> screen shots that were included.
> >>> * It made me update fifty million times when I first got on.
> >>>
> >>> Have you had any issues connecting to the network or
> Internet since
> >>> having the software installed? If so, how many times did this
> >>> happen,
> >
> >>> what type of issues were you having, and what were you
> doing at the
> > time:
> >>>
> >>> * Every so many days it would kick me off the network
> and I'd have
> >>> to restart my computer to be able to connect to the internet.
> > This
> >>> is very frustrating and annoying, especially since
> it happened
> >>> again this morning telling me I had to download the
> new version.
> > I
> >>> thought this test was over??
> >>> * Every time I attempt to connnect to the internet I am stopped
> >>> because Norton Antivirus is blocking the Clean Access site
> > becuase
> >>> it is unknown. If you already have anti-virus
> software it makes
> >>> this process extremely difficult, and you have to disable the
> >>> previous software in order to run the new software,
> and I have
> >>> paid a large amount of money to have my computer
> protected by my
> >>> other services.
> >>> * I had had a problem once. Everytime I tried to
> connect it would
> > go
> >>> to the main screen and then my mouse cursor would start going
> >>> crazy....clicking very fast all on its own. No website would
> > even
> >>> appear. It would continue doing the same thing even after I
> > tried
> >>> restarting my computer several times. I decided to
> leave alone
> > for
> >>> the next and the next day...everything was fine and
> I was able
> > to
> >>> complete the process without any problems.
> >>> * At first, I only had a temporary connection for 20 minutes.
> > During
> >>> that 20 minutes, I had to download a bunch of
> different things
> > but
> >>> after 20 minutes, I would have to stop because I was
> no longer
> >>> connected. It took 9 hours just to get everything
> set up. Once I
> >>> did, my entire computer was running extremely slow.
> Every three
> >>> days I had to redo everything and that was a big
> inconvenience.
> >>> * It's working well.
> >>> * why do i have to re-login every few days....that kicks me off
> >>> IM...I don't like it!
> >>> * McAfee really slowed down my computer. I took Norton
> off of my
> > PC
> >>> and it runs just fine now.
> >>> * I am very frustrated that I have been randomly
> kicked off line
> >>> (while I've been using the internet and instant
> messenger) only
> > to
> >>> reaccept the clean access agent agreement and return
> to my work.
> > I
> >>> knew that this was going to happen (since it was
> stated on the
> >>> instruction sheet-thanks for that info!), but I find this
> >>> frustrating and unnecessary. I'd really rather not have the
> >>> program on my computer. Plus, I don't know what it
> does and why
> > I
> >>> need it, other than I can't get on the internet and
> it's suppose
> >>> to help prevent viruses. I had to work when Sean came to our
> >>> meeting, and I read what was given to me but I still don't
> >>> completely understand the need.
> >>> * No problems after setup
> >>>
> >>> What could BGSU have done to make this test easier?
> >>>
> >>> *
> >>>
> >>> I guess there really isn't anything to make it
> easier. It's just
> >>> going to be frustrating to you, if you impliment it
> to the whole
> >>> campus, because you will be getting a lot of calls.
> >>>
> >>> * It would have been nice if we were asked to
> volunteer to do this
> >>> instead of having no say.
> >>> * I think it woudl be easier for the RCC staff to come
> configure
> > the
> >>> software on students' computers themselves
> >>> * I wish that we would have had advanced notice that this was
> > going
> >>> to happen.
> >>> * Had people working later to help with the set up because I
> > didn't
> >>> have internet for almost 2 days.
> >>> * Tell people it takes a while to load.
> >>> * The test itself is fine. The instructions were complete and I
> > was
> >>> informed that I would be kicked off the network
> every 3 days or
> >>> so. However the fact that the system does boots me off the
> > network
> >>> randomly every few days is very inconvenient,
> especially since
> >>> I've been working while it has happened.
> >>> * Made the setup easier. You should only have to update once.
> >>>
> >>> Is there anything else you wish to add that was not mentioned?
> >>>
> >>> * Once I finally was able to download the Clean Access
> software,
> > it
> >>> told me that my login name was unknown and would not let me
> > proceed.
> >>> * After making my complaint via email and phone, RCC
> was able to
> > fix
> >>> everything on my computer so that it runs even better before.
> >>> * The test itself is fine. The instructions were complete and I
> > was
> >>> informed that I would be kicked off the network
> every 3 days or
> >>> so. However the fact that the system does boots me off the
> > network
> >>> randomly every few days is very inconvenient,
> especially since
> >>> I've been working while it has happened.
> >>> * It's annoying to have to update every three days. Once a week
> >>> would be better.
> >>>
> >>>
> >>
>
|
