Currently Being ModeratedFeb 25, 2013 5:21 PM (in response to GunnyFitz)
You are correct no need for Anti-Virus software for Mac OS X, but this one is free and it has good ratings. http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-75451160.html?tag=main ;pop
Currently Being ModeratedFeb 25, 2013 5:29 PM (in response to GunnyFitz)
...they REQUIRE that whatever operating system I decide to utilize to access my office PC via remote login MUST have some form of anti virus software installed on it.
OS X already does:
If they want to know what you have tell them it is Gatekeeper or Xprotect. Both are features of OS X.
Do not install the Kaspersky junkware. ***, acknowledged.
Do not install Avast either. It is both useless and notorious for false positives.
Message was edited by: John GaltMacBooks iMacs iPads AirPorts, OS X Mountain Lion, 28 years Apple!
Currently Being ModeratedFeb 25, 2013 5:39 PM (in response to John Galt)
I seriously appreciate the hasty response here!!
The trouble is this. The system will not even let me connect thru the Fed portal unless it detects the AV software. I will first try conducting the initial connection without installing anything and see what I get. If it does not pernit me in, then I am going to have to install something. I even thought about doing the "unistall" after I get in for first time but was told the system pings me each time i enter the portal before allowing access, so that idea is shot.
I will certainly give it a try this week once they give me all the neccessary links to access my remote desktop and see what happens. But if I am stuck having to get something, what is the lesser of all evils ya know?
They did state that the Mac firewall is sufficient, but the AV software is a must.
Truly appreciate the advice and most certainly believe what you all say due to experience. Hey while I got ya here, what about on my Macbook too- since I will often use this instead of the iMac desktop? Since its not Mountain Lion I cant get away with the Kapersky crap (and from what I read that is exactly what it is too!)
Based on online reviews its said Intego and Norton are best for Mac?
Currently Being ModeratedFeb 25, 2013 6:07 PM (in response to GunnyFitz)
If it is a push comes to shove go with intego (slight cost) keep away from cross overs (recent entrants) and norton alllegedly creates issues on mac's from time to time.
make certain they can detect it !
Currently Being ModeratedFeb 25, 2013 6:08 PM (in response to GunnyFitz)
The trouble is this. The system will not even let me connect thru the Fed portal unless it detects the AV software.
Based on online reviews its said Intego and Norton are best for Mac?
The Mac's built-in software firewall can do nothing more, if your Mac is already behind a router. Your router is a hardware firewall and preferable to anything else. Of course it "pings" your system but all it can receive in response is an answer from your router. Everything behind it is hidden, unless you are using a VPN - are you?
If your agency can "detect" AV software then it can also "detect" that you are using OS X. I highly doubt it can do either one. I use my Macs for secure government websites as well as highly secure Windows-centric corporate portals that require two-step authentication, and have yet to encounter any insurmountable obstacles.
Intego and Norton a/k/a Symantec are even worse than the others in that they are both known to cause problems with Macs. Online reviews are all biased, without exception, and many are grievously fraudulent.
If you have a burning need for a third party anti-virus utility that will probably placate the IT clowns in charge of this decision, use ClamXav. It is available from the App Store or directly from its developer. ClamXav is the only product that I know will cause no harm. It is free.MacBooks iMacs iPads AirPorts, OS X Mountain Lion, 28 years Apple!
Currently Being ModeratedFeb 25, 2013 6:17 PM (in response to John Galt)
Yes, it is VPN, sorry I didnt mention that earlier. So they can tell if I have AV if it IS VPN?
I did read about the ClamX-AV too and it rated high. Free from the App store huh?
This is what another friend told me but dont know the validty of this either:
"What they are doing is called Network Access Protection or NAP. They can set it up so when you connect and the conditions like AV aren't met it can send you to what Microsoft calls a remediation site where the company (Fed agancy) tells you what conditions aren't met and what changes are required."
Thanks again for your help!
Currently Being ModeratedFeb 25, 2013 6:26 PM (in response to GunnyFitz)
There are so many AV programs it is hard to believe they can detect you don't have one...but if you feel ou must, stay something that works well and is not dangerous to your Mac...and that is ClamXAV. Do not get Norton under any condition, it can cause serious damage to our operating system.
If you are running a remote desktop through Citrix you will have no problems...there are a couple tricks to it if that is what you are doing.
Currently Being ModeratedFeb 25, 2013 6:30 PM (in response to Ralph Landry1)
Matter of fact that is also correct. Citrix and VPN portal (as you can tell I have not done this before-so I appreciate what you guys are doing by helping me out here!)
Sounds like if I HAVE TO do anything it will be ClamXAV which I will look into. Gonna try getting thru without anything and play dumb on issue until they flat out tell me that is what is holding up any access. lol
Currently Being ModeratedFeb 25, 2013 6:41 PM (in response to GunnyFitz)
If you have trouble connecting it could be due to the way you are configured...have downloaded and installed the latest Citrix Receiver? If so talk to your IT people and be sure the are using the latest XenApp release...some agencies are not and the latest Citrix will not connect. If you are using certificates, be sure they are installed in Keychain Access correctly. Those are some starting points.
Currently Being ModeratedFeb 25, 2013 6:49 PM (in response to GunnyFitz)
OK, thanks. Microsoft's NAP is going to want to conduct a "health check" on its clients - what that means is it must receive a qualifying response, which may mean it will demand a Windows PC and nothing else will do.
Read the requirements here: NAP Requirements
All is not lost - they may have already added an exception for Macs according to the following: Design an Exception Management Strategy. You won't know until you access the VPN and attempt to use the system.
I recommend that you first to attempt to log in with their supplied VPN credentials and instructions. If you are unsuccessful, contact whoever supports the system and explain you are using a Mac incorporating the anti virus protection discussed. See if they are interested in implementing an exception according to the above. It can't possibly be the first time they heard the question.
If you cannot communicate with anyone who lives beyond the Windows world, your last and least attractive solution may be to create a Boot Camp partition on your Mac, boot Windows for your agency work, and get used to having to constantly endeavor to keep Windows free from the ick that plagues it.
ClamXav is here: Mac App StoreMacBooks iMacs iPads AirPorts, OS X Mountain Lion, 28 years Apple!
Currently Being ModeratedFeb 26, 2013 3:56 AM (in response to John Galt)
Hi John, I still think Gunny needs to try again to remote connect, and if that fails talk to his IT folks and find out what version of XenApp Server they are running.
I was trying to access my network using Moutain Lion/Safari/Citrix Receiver 11.7 and kept getting a failure. After blaming ML/Safari and CR for not being compatible, searched the error messages and could not find anything indicating a problem on my end. So, called Citrix about it and they said to download their XenApp Server specs and see what version was being run...CR 11.7 will not connect with a version two generations old. So I then called a friend in IT and was told the version was three generations old and they are trying to get funding to upgrade...my info and report might help.
So, the short story, the latest CR 11.7 will not connect with an old version of XenApp Server and having/not having AV software really doesn't make a difference. Secure remote access is a very sensitive thing when dealing with agencies that don't put themoney into the latest software, and are so PC oriented they cannot even spell Mac.
Currently Being ModeratedFeb 26, 2013 12:29 PM (in response to GunnyFitz)
Wish there was a way to attach all the stuff they gave me to get started at home and logging into system. I have many docs with the whole setip process. One of them is a list of approved AV programs which I will try pasting here below. Seems the CmaXAV is def one of them too which i am glad about!
Again, thanks to all of you guys for taking the time to assist here. Still have not received green light to actually log in so dont know what system will say once I do. BTW- called Apple Tech Support today to just inquire on their advice since Im sure they run into this situation alot with businesses etc. They opted to take the east way out and state that they do not offer advice to customers abiut which program to use, or which ones screw the OS up in so many ways you guys have listed. Therefore, it shall be decided upon based on what happens when I attempt login, and what AV program I obtain advice from my Mac buddies like you all. Thankfully, its not like once I step in it its mine forever and I can change up on it should I see adverse reactions to my system right?!
Here are those approved choices:
Computer Associates International, Inc.
eTrust ITM Agent
ESET NOD32 Antivirus
PC Tools Software
Trend Micro, Inc.
Trend Micro Security for Macintosh
Trend Micro Security for Macintosh
Currently Being ModeratedFeb 26, 2013 1:05 PM (in response to GunnyFitz)
Seems the CmaXAV is def one of them too which i am glad about!
Actually, I'm not sure that it is as the heading says ClamWin which is a Windows product that uses the same ClamAV scanning engine (both are currently at version 0.97.6) as ClamXav, but the latter is now at version 2.2.4 and the versions listed are obsolete for ClamXav. It looks like they are trying to let you use ClamXav, just that the information is totally borked.