locked
NAP remediation for symantec antivirus client in SCCM 2007 SP R3 RRS feed

  • Question

  • I need to remediate symantec antivirus client on a machine by using NAP which is integrated with SCCM 2007 SP2 R3, already my client machines Firewall and autoupdates remedaited successfully but how can i install my antivirus client on a machine if its plug to a network and didnt find antivirus client so it can install by remediation process?
    Usama Arif
    Tuesday, December 13, 2011 9:03 AM

Answers

  • Hi,

    In order to remediate any Antivirus (AV) application using the Windows Security Health Validator (WSHV), the AV must integrate with Security Center / Action Center.

    However, this has limitations. You cannot force a client computer to install an AV application if there is none, or download an update if the application doesn't force this on its own. Security Center is reactive to AV, not proactive. In this context, "remediation"  for the AV consists of providing access to remediation servers so the user can perform required actions.

    -Greg



    Tuesday, December 13, 2011 7:27 PM
  • Hi Usama,

    When you install the AV application it should automatically integrate with security center. If security center reports that an AV application is installed, you are fine. If you wish to install the customized Symantec NAP SHV/SHA this will give you more control. I am not familiar with exactly what additional things the Symantec SHV allows you to do. Usually they will do things like prevent the AV service from being stopped and some other things.

    -Greg 

    Friday, December 16, 2011 4:59 PM

All replies

  • Hi,

    In order to remediate any Antivirus (AV) application using the Windows Security Health Validator (WSHV), the AV must integrate with Security Center / Action Center.

    However, this has limitations. You cannot force a client computer to install an AV application if there is none, or download an update if the application doesn't force this on its own. Security Center is reactive to AV, not proactive. In this context, "remediation"  for the AV consists of providing access to remediation servers so the user can perform required actions.

    -Greg



    Tuesday, December 13, 2011 7:27 PM
  • Hi Greg, Thanks for the reply it will definately help me , one more thing i want to confirm what i do to integrate my AV application with security cenetr / action center , should i need Symantec integrated enforcer for Microsoft NAP on my NPS server
    Usama Arif
    Friday, December 16, 2011 6:10 AM
  • Hi Usama,

    When you install the AV application it should automatically integrate with security center. If security center reports that an AV application is installed, you are fine. If you wish to install the customized Symantec NAP SHV/SHA this will give you more control. I am not familiar with exactly what additional things the Symantec SHV allows you to do. Usually they will do things like prevent the AV service from being stopped and some other things.

    -Greg 

    Friday, December 16, 2011 4:59 PM
  • Hi Greg,

    Thanks for the reply

    Exactly i have  done at that level if my AV service stops it started by Remediation , i just want to confirm is it possible if my AV client not install in machine and system plug into network can it will be remedite by remediation server and AV client get install into that machine ?

     


    Usama Arif
    Monday, December 19, 2011 4:22 AM