After 20+ years, OneCare 2.0 might very well be my last Microsoft product.... RRS feed

  • Question

  • Good day Gentlemen


    Having just replaced my old trusty laptop, I've encountered a problem with Live OneCare 2.0 that has left me baffled.  After a few wasted hours and phone calls, I'm left without any solution, and apparently no recourse but to share it here in the hopes of saving the time of others.


    My university, like many other major campuses around the US, requires of students to use the Cisco Clean Access agent in order to use their wireless LAN connections.  This is to ensure that an effective antivirus solution has been installed in every client of the network. I had OneCare 1.6 on my older laptop, and the Cisco software approved of it, worked seamlessly. 


    Just pulled the trigger on a new Latitude D630, and as I'm/was a loyal Microsoft customer, decided to renew my subscription to Live OneCare to go with the new laptop. Long story short, it appears that the money spent on OneCare would have been just as useful if burned and ashes spread on the ocean.  Cisco Clean Access does not approve of Live OneCare, and so the thousands of students at my university, as well has the multitudes more at campuses around the nation, are wasting their money shall they choose to blindly purchase Live OneCare 2.0. 


    This is really disheartening, specially for the fact that all sides involved, from MS to Cisco to one's campus, seem to shift responsibility towards the others, and in my sober analysis as a customer, all are in their right except for Microsoft.  One should not be be marketing a product when it is known that major flaws and incompatibilities exist. At the very least, should MS want to continue selling the faulty product, they should be up front and disclose said issues with their unsuspecting clientele.  A quick web search would suffice at informing anyone of all of the problems with 2.0, but for being, as I said, a loyal MS client, I blindly purchased.


    Even if one is proactive about this and attempts to contact the powers that be within an university's IT department, it seems to fall on death ears -- 'Cisco's security policies are independent of ours..we pay them for their abilities to decide when to deem a security product worthy, not us' -- seems to be the standard answer.


    If this problem is not resolved by Microsoft within this month, I will be forced to buy a competitor's product, and thus will demand a refund. And if one is not issued, they will effectively loose one more customer, a loyal one since the early eighties, at that.




    Friday, January 25, 2008 5:18 PM


  • Hi,


    We've contacted Cisco and here is their response:

  release coming out shortly will have support for oneCare 2.x but for now the customer can configure ‘custom checks’ on the NAC Appliance to handle oneCare 2.x.


    It looks like a simple ACL change.  Please contact your IT folks and request they update the rule to allow for OneCare 2.x or update the software to as soon as available. 


    Thanks and apologies for the delayed response.



    Saturday, February 9, 2008 12:11 AM

All replies

  • John, I'm sorry to read of your problem, but this really is a Cisco issue and not a Microsoft issue (well, unhappy customers or lost sales would be of interest to Microsoft, I'm sure.)


    The problem is that the Cisco software needs to allow or see OneCare 2.0 as a valid security package, just as they eventually did for 1.0 through 1.6 before. The school relies on Cisco to provide an approved list of packages to the software and to scan all PCs on the campus network. I don't see the school being at fault - the IT dept's response is valid.


    I can't tell you why Cisco has not updated their software to allow OneCare v2.0. I will tell you that I will mention this to my contacts on the OneCare team so that Microsoft can follow up with Cisco, but that isn't going to help you unless Cisco immediately updates their list and your school immediately updates their copy of the list.


    As for OneCare problems found via web search, if you simply read these forums, you'd think OneCare was the worst product ever sold. You'll find the same for just about every other forum for a vendor's product. Forum users are people who have encountered a problem and need help or want to vent. Very few forum users are happy customers who come here to thank the developers. I volunteer my time here because I believe in OneCare. The vast majority of people using OneCare do not encounter problems and it provides excellent protection for them. No security product is perfect as the malware authors are always trying to break the protection and the developers of the protection are in a race to prevent damage, or clean the malware from the system after the fact.



    Friday, January 25, 2008 5:34 PM

    Good day Steve


    Thank you for your reply. Yes, I do concur with the premise that this is really a Cisco issue, for it is their firm that has the responsibility of updating their systems to reflect accepted security packages.


    But perhaps I should have elaborated a bit more, for calling this a 'Cisco issue' and leaving it at that would be correct, but only by way of semantics.  It is a Cisco issue, for sure, but a conscious one at that.  They are aware that they are denying service to thousands of college students, most of which have a dire need to use network services, and rely on said services to get their academic work done.  A call to any university IT dept which employs the popular Cisco solution will show that they are quite aware of the issue, but the heart of the matter remains that Cisco, for whatever technical reasons they hold, are consciously choosing not to validate the new Microsoft AV.


    It should be noted that those decisions are not taken lightly, for as I alluded to, said decision effectively pulls the plug out on thousands of students, many of whom rely on said connections exclusively on a daily basis. My university alone has an enrollment of over forty thousand, and is just one out of thousands of institutions that rely on the Cisco software, including high-schools, public institutions such as libraries, and countless private and public universities.


    I've asked of Cisco to elaborate on why they have yet to validate OneCare 2.0, and their reply up to now has been standard boilerplate stuff.  However, all whom I have spoken to, including fellow classmates, other students from other colleges, and my computer science professors and management personnel, have all told me the same, that Cisco as of now does not approve of and refuse to validate OneCare live. 


    But it is true, it is not Microsoft's ultimate responsibility.  They are not liable to ensure that their software is approved by all third parties.  But as a loyal client, I feel that a kind disclosure would be in order, specially in light of the fact that there is no way to rollback to the approved version 1.6, even thouht I have the disc, and further in light of the number of users liable to be disenfranchised because of this. 


    I should note an interesting side-note. Its quite the interesting situation for me,  for I am one of the very few MS loyalist amongst fellow computer science students and faculty.  Most give me that 'why are you even using MS stuff to begin with!' smirk.  Most use linux and open source code to power their systems, and express validation of their ways upon me even bringing this up.  I buy and support MS as much out of custom as out of my personal taste. However, its quite easy for the likes of me to circumvent this issue and toss MS to the side. 


    This issue is really affecting another type of student, all of those non-technical types who come to their campus with their laptops using one of the three OneCare licenses purchased by their parents back home.  For me, its more a matter of principle.  If they are aware of the issue, which I must by simple reasoning assume they are, they should disclose up front, or at least work with speed to appease the affected user base.  The fifty dollars or so is neither here nor there for me, the monetary side is moot.  I'm now successfully running a free copy of AVG in tandem with the Cisco agent, whilst my subscription to OneCare sits idle while the subscription renewal countdown just march ahead  without use.


    I appreciate you considering bringing this matter up with the OneCare team, for if this particular issue is not solved, it renders Microsoft's AV entry quite moot amongst a large portion of the academia.




    Friday, January 25, 2008 6:42 PM
  • Hi John,


    We've quickly reviewed the Cisco Clean Access Policy.  It would appear they have approvals for OneCare version 0.8.x through 1.x.  It would appear that upping the OneCare version to 2.0 fails their checker and thus denies access.


    From a product perspective, clearly the 2.x product is far superior in features and detection to any of its predecessors.  As such, we believe the problem you are describing is a lack of communication of our new release to Cisco.  The folks in PR and third party relations have been notified of this problem and are working with Cisco to resolve this miscommunication.


    Appreciate both you & Steve for bringing this to our attention and for your continued support of Microsoft Windows Live OneCare.


    Thank you

    Eddy Hsia

    Friday, January 25, 2008 9:11 PM
  • I, too, have been recently affected by this problem. For some reason, ver. 2.0 (final) has been working fine for me since its release. Clean Access never indicated that it recognized OneCare 2.0, but it allowed me to connect anyway. As of Tuesday of this week it now says I have no antivirus. I've been forced to install our university-provided McAfee 8.5i (runs like molasses compared to OneCare). I miss the Tune-Ups too. Any efforts by anyone who can encourage Cisco to fix this annoying and rediculous oversight would be most appreciated. I only have 20 days left in my current OneCare subscription and I planned on buying one renewal and another new subscription for 3 more computers; I realize this is out of Microsoft's control, but if I can't use OneCare with Clean Access I'll have no choice but to let my subscription expire until Cisco fixes it. Anyone with any influence, please let them know there are more than 2 users who want to use OneCare with Clean Access. Two days gone and I already miss it.
    Thursday, January 31, 2008 3:35 AM
  • Hi,


    We've contacted Cisco and here is their response:

  release coming out shortly will have support for oneCare 2.x but for now the customer can configure ‘custom checks’ on the NAC Appliance to handle oneCare 2.x.


    It looks like a simple ACL change.  Please contact your IT folks and request they update the rule to allow for OneCare 2.x or update the software to as soon as available. 


    Thanks and apologies for the delayed response.



    Saturday, February 9, 2008 12:11 AM
  • I have been running for about 2-3 weeks now. In fact, I believe it was soon after upgrading to that OneCare 2.0 stopped working with Clean Access.
    Saturday, February 9, 2008 7:24 AM
  • I haven't heard any news on this in weeks, but was just released and I'm wondering (if anyone else has it yet) if OneCare 2.0 is now recognized?
    Wednesday, April 9, 2008 2:04 PM
  • I work for a college that uses CCA and hoped that the next update would fix this issue as I have a bunch of students using Live One Care 2.x and have to create excepations.  This is the list of Microsoft supported security items dected by CCA taken from the web consle today. I does not appear to support 2.x yet.



    Minimum Agent Version Required to Support AV Products
    Product Name/Version Installation Virus Definition
    Def Date Def Version
    Microsoft Forefront Client Security  1.5.x (Not Supported)
    Windows Live OneCare  1.x (Not Supported)
    Windows OneCare Live  0.8.x (Not Supported) (Not Supported)
    Thursday, April 10, 2008 7:24 PM
  • But the Cisco site also lists:

    Windows Live OneCare


    yes (

    yes (


    Thursday, April 10, 2008 7:27 PM
  • Could you please post a link to that page?


    I took that list I posted right off the CCA Manager Web Admin Console, so not sure there. My clients starting seeing this client update as a mandaotory update this morning.


    I may have to wait for the update that runs overnight.

    Thursday, April 10, 2008 7:36 PM
  • http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/413/413rn.html#wp81944

    It's the release notes for CCA. The update was mandatory for us yesterday and wasn't offered by CCA agent at all Wednesday. If you haven't been there already, take a look at http://listserv.muohio.edu/scripts/wa.exe?A0=cleanaccess 

    It's a mailing list maintained by Miami Univ. in Ohio. It's the only public communication of CCA admins I can find.

    Thursday, April 10, 2008 7:44 PM
  • I think I have found the issue.  At least on mine I believe I have to update the CAM (Clean Assess Backend) to version or higher I am only running 4.1.3 I am working to do this soon and I will report back.


    Monday, April 21, 2008 4:09 PM