ESAP 2.3.8 and McAfee Total Protection 16.1.172

iancw_ · ‎06-24-2013

Hi guys,

Anyone have an issue with this? I have a user on Windows XP trying to connect to SSL VPN but always gets the message

"McAfee VirusScan 16.1.172 does not comply with policy. Compliance requires latest virus definitions."

although his virus definitions are up-to-date. He is using McAfee total protection. Is there anything he can do to get this working? Is this a known issue? Is there anything I can do on the SSL side of things (we have virus definitions set to updates at the moment as opposed to days).

Any help would be most welcome.

Thanks.

jayLaiz_ · ‎06-24-2013

Hi,

What ESAP version is active on the Juniper under End Point security--->Host Checker--->Manage Endpoint Security Assessment Plug-In Versions ?

http://www.juniper.net/techpubs/software/ive/esap/releasenotes/j-esap-2.3.7-releasenotes.pdf

ssues Fixed in ESAP2.3.7:
OPSWAT:
1. VirDefTime API is failing for McAfee Internet Security 2013 ( McAfee
VirusScan 16.x) (859386)

The above fix looks related, did you try upgrading to ESAP 2.3.7 and above?

Regards,

Jay

iancw_ · ‎06-24-2013

Thanks Jay. Great link!

We are running 2.3.8. But I found this now:

Issues Fixed in ESAP2.3.8:
OPSWAT:
1. Virus definition check (GetDataFileVersion and GetDataFileTime APIs)
is failing and returning "Invalid state" for AVG Antivirus Free Edition
2013 (859242)
2. McAfee Anti-Virus 16.1.144 is not getting detected even with admin
previleges (863747)

Makes me think it broke again for McAfee 16.1.172 and will be fixed in ESAD 2.3.9!!?

jayLaiz_ · ‎06-25-2013

It is better to raise a JTAC case as the issue relates to not detecting the virus definition updates which is supposedly fixed in esap 2.3.7.

For other users running the same AV, is it working fine?

Regards,

Jay

zanyterp_ · ‎06-26-2013

It is very possible it is something that is failing due to the new version.

As mentioned, please open a JTAC ticket for us to work with OPSWAT on it

PaddleFace_ · ‎04-05-2014

We at OPSWAT are aware that consumption of OESIS Framework updates by Juniper (and other partners) for inclusion in Hostchecker features released to end customers can be painful for Juniper and for its customers.

We are committed to releasing OESIS more frequently (currently weekly, with a goal of daily updates by end of 2014) and to make it easier for Juniper to validate OESIS releases and incorporate into their packages.

In addition, OPSWAT recently released a configurable client, GEARS, which auto-updates OESIS and stores endpoint device compliance status in the Windows Registry or Mac OS p-list.

The Host Checker can access and use this information through implementing either a (1) the default Antivirus Rule or (2) a custom process / registry checks.

A Hostchecker-GEARS configuration guide is posted at http://files.cdn.opswat.com/www.opswat.com/files/gears-integration/integrate-juniper-ssl-vpn-opswat-...

Using GEARS together with Hostchecker should reduce the number of issues you encounter with your end users being blocked due to their running an unrecognized endpoint security application.

Attachments:

ESAP 2.3.8 and McAfee Total Protection 16.1.172

ESAP 2.3.8 and McAfee Total Protection 16.1.172

Re: ESAP 2.3.8 and McAfee Total Protection 16.1.172

Re: ESAP 2.3.8 and McAfee Total Protection 16.1.172

Re: ESAP 2.3.8 and McAfee Total Protection 16.1.172

Re: ESAP 2.3.8 and McAfee Total Protection 16.1.172

Re: ESAP 2.3.8 and McAfee Total Protection 16.1.172