We at OPSWAT are aware that consumption of OESIS Framework updates by Juniper (and other partners) for inclusion in Hostchecker features released to end customers can be painful for Juniper and for its customers.
We are committed to releasing OESIS more frequently (currently weekly, with a goal of daily updates by end of 2014) and to make it easier for Juniper to validate OESIS releases and incorporate into their packages.
In addition, OPSWAT recently released a configurable client, GEARS, which auto-updates OESIS and stores endpoint device compliance status in the Windows Registry or Mac OS p-list.
The Host Checker can access and use this information through implementing either a (1) the default Antivirus Rule or (2) a custom process / registry checks.
A Hostchecker-GEARS configuration guide is posted at http://files.cdn.opswat.com/www.opswat.com/files/gears-integration/integrate-juniper-ssl-vpn-opswat-...
Using GEARS together with Hostchecker should reduce the number of issues you encounter with your end users being blocked due to their running an unrecognized endpoint security application.
