Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

ISA 2004 & AVG Antivirus

Posted on 2006-05-09
9
Medium Priority
?
968 Views
Last Modified: 2013-11-16
The network /server setup is as follows:

5 server 2003 Enterprise machines all on the same IP set (10.0.0.xx).  Andrew runs AVG antivirus and is the server all other servers and workstations look to for updates.  The updates are handled via HTTP.

three of my five servers can see andrew fine and can pull AVG updates from Andrew.  However, Matthew, my ISA 2004 box, cannot see Andrew and cannot pull AVG updates.  By "see" I mean in the AVG configuration screen, when I test the connection to Andrew, it fails.  All of my servers are setup for remote administration in AVG and they are all setup the same.  My ISA box cannot pull it's updates from or communicate with Andrew.  I feel that since it's my ISA server, it must be a rule issue or something related to ISA.  Anyone have any ideas?

Thanks

Cliff
0
Comment
Question by:crp0499
  • 5
  • 4
9 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 16641486
Hello again crp

Have you created a two way rule on the ISA server to allow ALL protocols from local host & internal TO local host & internal?
Try it and see if this helps.
If it does, open the monitoring - logging tab
click on start query
run the avg update and see what ports pass. We can then edit the ALL protocol rule and create/add/amend to put in a specific protocol matching the requirement.

reagrds
keith
0
 

Author Comment

by:crp0499
ID: 16644759
We have.  When we do add the internal to internal rule, RDP and Surf Control both cease to operate.
0
 

Author Comment

by:crp0499
ID: 16645116
OH, Hi Keith...

This is the weirdest thing.  Any internal to internal rule craters RDP and Surf Control.  Turn it on, crater.  Turn it off, everything works fine.

All PC's and servers EXCEPT our ISA can connect to our remote admin for AV.  
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16645757
So what traffic is been blocked in the ISA log?
0
 

Author Comment

by:crp0499
ID: 16647939
When I run a query, the connection opens, then closes.  I see no denials to any services.  Also, when I attempt to edit my existing AVG rule to allow the ISA access to the AVG server, my RDP and Surf Control stop working.  I have noted that AVG uses FTP to pull updates and I have an existing FTP rule.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16649719
Does it not show a port or protocol though when the connection gets created?
0
 

Author Comment

by:crp0499
ID: 16654017
it flashes so fast, I can barely see it.  tomorrow I'll see what I can do about getting a better read on the query.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16655710
once it passes, right-click inside the log data window  and just click stop query. You can then scroll back up at your leisure :)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16722437
thank you :)
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Screencast - Getting to Know the Pipeline
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month20 days, 17 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question