Hi Zanyterp

 

Many thanks for the helpful response.  It answers the question I asked, no doubt, but raises another one...   If EES is being deprecated, what is the preferred solution?   I am looking at EES because the SA devices I am being asked to implement will be in an environment that has no internet access at all, and therefore cannot download AV and patch updates from download.juniper.net for Host Checker.  EES seems to be the perfect answer.  Is there another?

 

Regards

I do not know of the future plans for a replacement. I am sure something is being ironed out, but I do not have access to the details (maybe you can check with your account team for more information). Are the users connecting in the same restriction (that they don't have internet access)? If yes, EES will be difficult to pass as well as the clients do the download for the updates. If not, this may be a viable option for you for the near-future. The other option is to manually retrieve the XML file from download.juniper.net (using a non-IE browser) and then either import it into the SA directly OR host it on an internal web server that the SA retrieves the file from.

If you desire a malware scanning feature similar to what was offered via EES prior to its deprecation, you may want to try GEARS from OPSWAT.GEARS utilizes OPSWATÕs Metascan¨ technology to scan devices for running threats using 40 commercial anti-malware engines.  GEARS is easily integrated to Host Checker via a registry/process check described at https://gears.opswat.com/integration/secure-access and attached here.