GlobalProtect HIP check fails to detect Cybereason Anti-Malware on Linux

GlobalProtect HIP check fails to detect Cybereason Anti-Malware on Linux

4660
Created On 05/14/20 21:22 PM - Last Modified 07/08/20 00:16 AM


Symptom
  • As seen from firewall GUI
GUI HIP match
  • From GlobalProtect Logs, PanGPA.log:
<hip-report name="hip-report">
        <generate-time>04/24/2020 16:40:08</generate-time>
        <hip-report-version>4</hip-report-version>
        <categories>
            <entry name="host-info">
                <client-version>5.1.2-26</client-version>
                <os>Linux Ubuntu 19.10</os>
                <os-vendor>Linux</os-vendor>
                ---- cut for brevity ---
            </entry>
            <entry name="anti-malware">
                <list/>                  <<<<<<<<<<<<< No Cybereason
            </entry>


Environment
  • PANOS
  • GlobalProtect HIP
  • GlobalProtect app version 5.1.0 and above  
  • Linux endpoints all flavors (verified on Ubuntu v19.10 and CentOS v8.1.1911)


Cause
Currently, OPSWAT does NOT support Cybereason Anti-Malware application on Linux platforms (all flavors). Per OPSWAT support, Cybereason Anti-Malware will be supported in future OPSWAT release.

Additional Information
Please refer to this link for currently supported anti-malware on Linux and future updates for anti-malware applications as added by OPSWAT.

Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/kCSArticleDetail?id=kA10g0000008U3y&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FkCSArticleDetail

Attachments
Choose Language