Description
This article provides a list of information to provide Support upon opening a case regarding functionality for currently supported Antivirus packages.
Requests to add support for an Antivirus package should be submitted as a New Feature Request (NFR). See the related KB article below.
Scope
FortiNAC versions 9.x and greater.
Solution
Endstation Product Information:
Always provide:
- Agent Version.
- Screen capture of the failed program's Help -> About.
- Application Type (ex: Antivirus/OS).
- Program Vendor.
- Application Name.
- Program Version.
- Definition Version.
- Windows endstation: Registry Dump of HKEY_LOCAL_MACHINE\Software\.
- Run Windows Regedit
- 'Right-click' on HKEY_LOCAL_MACHINE\Software\
- 'Right-click' and select EXPORT.
- Select 'Text Files' for 'Save as Type'.
- Mac OSX endstation: Output of the following command run via the hosts terminal: pkgutil --pkgs.
NAC Administration UI:
Always provide:
- Appliance version (Help -> About).
If the program is not detected at all:
- Screen capture of failed scan results from affected endstation for a policy with ALL AV checked and Preferred option set to None. If one does not already exist...
- Create a new Endpoint Compliance Policy (navigate to Policy > Policy Configuration) using the following settings:
- User/Host Profile that has the MAC address of the affected endstation added under the Adapter tab in the Physical Address field.
- Endpoint Compliance Configuration with ALL AV programs selected, Validation of the following option set to Any and Preferred option set to None.
- Set Rank for new policy to 1 to ensure endstation match.
-
Confirm policy matches using the Policy Details option in Host View.
-
Scan endstation and provide a screen capture of failed scan results and scan configuration using the instructions below.
If scans are failing inappropriately:
- Screen capture of the failed scan results.
- Navigate to Users & Hosts -> Hosts and search for the affected host record.
- 'Right-click' and select Host Health.
- Select History tab.
- Select the Failed status for the details of the scan result.
- Screen capture of scan configuration.
- Navigate to Policy & Objects -> Endpoint Compliance.
- Select Scans.
- Highlight the scan listed in the scan results and select Modify or 'Double-click'.
- Select the appropriate operating system tab (Windows, Mac-OS-X, or Linux).
- Select the appropriate Category from the drop-down.
- Select the failed program name.
Related Articles:
Technical Note: Information to provide when requesting AntiVirus (AV) support