Collecting Antivirus Software Information

This node action collects information about the antivirus programs installed on PCs and the real-time virus treatment logs detected by that antivirus software. Genian NAC collects antivirus information for products from various vendors.

In agentless environments, antivirus software can be detected via WMI queries. Refer to: WMI scan

  • Strengthens endpoint security by collecting antivirus name, version, pattern information, real-time monitoring information, etc., from global vendors.

Antivirus Support List

Check all antivirus products supported by Genian NAC by version.

| Vendor | Product Name | Product Version | Information Provided | v4.0.1x | v5.0.x |
|---|---|---|---|---|---|
| AhnLab | V3 Internet Security | 7.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| AhnLab | V3 Internet Security | 8.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| AhnLab | V3 Internet Security | 9.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| ESTSecurity | Alyac Enterprise | 2.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| ESTSecurity | Alyac Enterprise | 3.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| ESTSecurity | Alyac Enterprise | 4.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.146~ | 5.0.43~ |
| ESTSecurity | Alyac Enterprise | 5.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.146~ | 5.0.43~ |
| Hauri | ViRobot VRIS | 2011 | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Hauri | ViRobot Desktop | 5.5 | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Hauri | ViRobot | 7.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Hauri | ViRobot Security 1.0 | 1.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.59~ |
| INCA | nProtect Anti-Virus/Spyware | 3.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| SGA Solution | VirusChaser | | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Avira | Free Antivirus | 15.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date | N/S | 5.0.3~ |
| Avira | Internet Security Suite | 15.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date | N/S | 5.0.3~ |
| Avira | Antivirus Pro | 15.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date | N/S | 5.0.3~ |
| Avira | Endpoint Suite | 15.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date | N/S | 5.0.3~ |
| Bitdefender | Antivirus Plus | 23.x | Antivirus Name, Product Version, Real-time Monitoring | N/S | 5.0.14~ |
| Bitdefender | Internet Security | 23.x | Antivirus Name, Product Version, Real-time Monitoring | N/S | 5.0.14~ |
| Bitdefender | Total Security | 23.x | Antivirus Name, Product Version, Real-time Monitoring | N/S | 5.0.14~ |
| Cylance | PROTECT | 2.0.1420.13 | Antivirus Name, Product Version, Real-time Monitoring | 4.0.106~ | 5.0.24~ |
| CrowdStrike | CrowdStrike FALCON Sensor | | Antivirus Name, Product Version, Real-time Monitoring | N/S | 5.0.29~ |
| ESET | NOD32 Antivirus | 9.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.3~ |
| ESET | NOD32 Antivirus | 12.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.3~ |
| ESET | Endpoint Security | 12.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.3~ |
| ESET | Internet Security | 12.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.3~ |
| ESET | Smart Security | 12.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.3~ |
| F-Secure | F-Secure Anti-Virus | 17.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.15~ |
| Kaspersky | Antivirus | | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Kaspersky | Endpoint Security | 11.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| McAfee | Desktop Protection | | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| McAfee | Total Protection (VirusScan) | 22.3 | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.24~ |
| McAfee | Endpoint Security | 10.6.0.542 | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring | 4.0.106~ | 5.0.24~ |
| Microsoft | Security Essentials | | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.3~ |
| Microsoft | Forefront | | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Microsoft | System Center | | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | N/S | 5.0.3~ |
| Microsoft | Windows Defender | | Antivirus Name, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Panda Security | Panda Endpoint Protection Plus | 8.0.15 | Antivirus Name, Product Version, Current Pattern Date (Last Update Date), Real-time Monitoring | N/S | 5.0.30~ |
| Sophos | Home | 1.3.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring | N/S | 5.0.17~ |
| Sophos | Endpoint | 2.1.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring | N/S | 5.0.17~ |
| Symantec | Endpoint Protection | 12.x | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring, Last Scan Time | 4.0.106~ | 5.0.3~ |
| Trend Micro | OfficeScan | 10.x | Antivirus Name, Current Pattern Version Name, Current Pattern Date | 4.0.106~ | 5.0.3~ |
| Trend Micro | Apex One | | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring | N/S | 5.0.42~ |
| Check Point | Endpoint Security | | Antivirus Name, Product Version, Current Pattern Version Name, Current Pattern Date, Real-time Monitoring | N/S | 5.0.42~ |
| Exosphere | Exosphere Labs | | Antivirus Name, Product Version, Current Pattern Version Name, Real-time Monitoring, Last Scan Time | N/S | 5.0.58~ |
| SentinelOne | Sentinel Agent | | Antivirus Name, Product Version, Real-time Monitoring | 5.0.74~ | |

Antivirus Information Collection

  1. Go to Policy in the top menu.
  2. In the left Policy menu, go to Policy > Node Policy > Node Action.
  3. In the Node Action management window, find and click Antivirus Information Collection.

Below are Basic Settings.

  1. For CWP Message, add a message to display according to the policy.
  2. For Label, adding a label allows you to categorize the plugin with a custom label displayed in the "Description" input field.

Below are Action Execution Settings.

  1. In Antivirus Information Scan Cycle, define the cycle for scanning antivirus information. (Seconds - Hours)
  2. Real-time Monitoring OFF Hold Count sets how many consecutive collections must return Off before real-time monitoring is reported as Off.
  3. Set Antivirus Integration to On to enable the antivirus software integration function.
    • In Treatment Audit Log, select whether to audit logs for treated viruses.
    • Duplicate Log Exclusion Time sets the time during which identical logs for viruses are not recorded. (Minutes - Hours)
    • Select Force Real-time Monitoring as Off to disable real-time scanning.
    • Force Scan forcibly performs a scan if the last virus scan time is older than the set cycle. (Hours - Months / 0 means not performed)
    • For Scan Method, select Full Scan.
    • Set Hide Scan Window UI to On to hide the virus scan window UI from the user.
    • Force Update forcibly performs an update if the last antivirus engine update time is older than the set cycle. (Hours - Months)
  4. Click the Modify button.
  5. In the left Policy menu, go to Node Policy.
  6. Click the Node Policy you wish to apply.
  7. Find Node Action Settings and click Assign.
  8. In the Available items, find Antivirus Information Collection and drag it to the Selected items.
  9. Click the Add button.
  10. Click the Modify button.
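
The following added example (not Genian NAC code) models three of the Action Execution Settings described above, so their effect on reporting can be checked before choosing values: Real-time Monitoring OFF Hold Count, Duplicate Log Exclusion Time, and the Force Scan cycle. All class and function names are hypothetical, and it assumes one collection per scan cycle, an initial reported state of On, and an exclusion window measured from the last recorded log.

```python
from datetime import timedelta

class RealtimeMonitorHold:
    """Report Off only after hold_count consecutive Off collections."""
    def __init__(self, hold_count):
        self.hold_count = hold_count
        self.off_streak = 0
        self.reported = "On"  # assumption: state before the first collection

    def observe(self, monitoring_on):
        if monitoring_on:
            self.off_streak = 0          # any On sample resets the streak
            self.reported = "On"
        else:
            self.off_streak += 1
            if self.off_streak >= self.hold_count:
                self.reported = "Off"
        return self.reported

def replay(samples, hold_count):
    """Return the reported state after each collected sample."""
    hold = RealtimeMonitorHold(hold_count)
    return [hold.observe(s) for s in samples]

def worst_case_off_delay(scan_cycle, hold_count):
    """Upper bound on how long a disabled monitor can go unreported."""
    return scan_cycle * hold_count

class TreatmentLogFilter:
    """Skip identical treatment logs inside the Duplicate Log Exclusion Time."""
    def __init__(self, exclusion):
        self.exclusion = exclusion
        self.last_recorded = {}  # assumption: window counts from last recorded log

    def should_record(self, key, when):
        last = self.last_recorded.get(key)
        if last is not None and when - last < self.exclusion:
            return False
        self.last_recorded[key] = when
        return True

def force_scan_due(last_scan, now, cycle):
    """Force Scan check; a cycle of 0 means the scan is not performed."""
    return cycle > timedelta(0) and now - last_scan > cycle

# Constructed samples: one collection per scan cycle, True = monitoring On.
SAMPLES = [True, False, False, True, False, False, False]
```

With a hold count of 3, the constructed samples are reported as Off only at the seventh collection, so the scan cycle multiplied by the hold count bounds how long a disabled real-time monitor can remain unreported.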