It's hard to say what's going on with this thing... One of my users said earlier this week that they were able to use Avira again, and nothing was done on our end to change things. Today it's back to not working again.
We are experiencing this problem now with ESAP 1.6.3.
The message 'Avira AntiVir Personal - Free Antivirus 184.108.40.2062 does not comply with policy. Compliance requires latest virus definition files." is being displayed within the logs.
The installation reports that the latest virus definition files are present but this is not being recognised within HC.
This seems to work intermittently (with both ESAP 1.6.2 and 1.6.3) any ideas/suggestions? Has the previous OESIS framework issue come back?
Are users all on the same desktop language? What does your client log show on failure? If you are requiring up-to-date definitions, how frequently are you updating the definitions on the IVE (Authentication>Endpoint Security>Host Checker>Anti-virus version monitoring)? Does changing this to something more frequent help?
My experience with Avira Free Personal is, that you must not set the
"Virus Definition files should not be older than x Updates"-Option too restrictive, to avoid
that the HC complains about a non up to date definition file.
I made some tests with two machines, one with Avira Free Personal, the other with Avira Premium
and it showed that the Avira Free Personal does not get all the Updates the Premium Version get.
Even if the Free Edition states "Up to date" it was, In average, one or two versions behind the Premium Edition.
The peak was a difference of eight Versions behind.
A quick look at the epupdate_hist.xml showed that there is not differentiation between the Free and the Premium Version of Avira.
This means that, depending on how restrictive the HC settings are, sometimes the Avira Free Edition is rated as "not up to date", because the SA compares the definition of the Free Version against the definition of the Premium version.
I think you guys should check out http://www.opswat.com/ there are 2 or 3 products that may be a match. I think that OESIS Framework at http://www.opswat.com/products/oesis-framework provides a single interface to many antivirus and Avira is in that list. Another option is, I think, Metascan at http://www.opswat.com/products/metascan which is more for ISV.
I also found that Avira is certified by OPSWAT at http://www.opswat.com/certified.
I hope this helps.
We at OPSWAT are aware that consumption of OESIS Framework updates by Juniper (and other partners) for inclusion in Hostchecker features released to end customers can be painful for Juniper and for its customers.
We are committed to releasing OESIS more frequently (currently weekly, with a goal of daily updates by end of 2014) and to make it easier for Juniper to validate OESIS releases and incorporate into their packages.
In addition, OPSWAT recently released a configurable client, GEARS, which auto-updates OESIS and stores endpoint device compliance status in the Windows Registry or Mac OS p-list.
The Host Checker can access and use this information through implementing either a (1) the default Antivirus Rule or (2) a custom process / registry checks.
A Host Checker-GEARS configuration guide is posted at http://files.cdn.opswat.com/www.opswat.com/files/g
Using GEARS together with Host Checker should reduce the number of issues you encounter with your end users being blocked due to their running an unrecognized endpoint security application.
OPSWAT also recently released a cloud-based platform called GEARS that supplements the host checker. As it is cloud-based the update cycle is weekly.
You can easily integrate it into Host Checker and configure the policies with the GEARS dashboard.
You can find the integration steps here: https://gears.opswat.com/integration/secure-access