Running SA 4000 with 6.4r2 and ESAP 1.5.1. Clients are running McAfee.
Have had a rash of users being denied by Host Checker saying either they have not completed a full scan (30 day requirement) or have outdated virus definitions (10 version requirement).
In all cases, full scans are current as are virus definitions.
In two cases, complete removal of Juniper software and allowing them to reinstall from appliance has worked. For others it has not.
Anyone else seeing this?
I would try removing the Full Scan requirement and have the users still having issues test. I have come across HC/McAfee issues in the past when using multiple checks. This may not solve your problem, but it may help narrow it down. We currently check to make sure McAfee is using the latest DAT and then permit access. I hope this helps.
Check the Access Protection.
Try without out if enabled.
I have the same issue about the McAfee antivirus. The hostchecker says the system hasnt been scanned lately (our limit is 30 days) but the user has a full scan programmed weekly and he has manually done the full scan as well.
This problem is quite new, he could connect several days ago.
He has reinstalled the Juniper software but nothing changed.
Did you solve your problem ?
Where can I find the "Access Protection"??
First make sure you run an ESAP version (the host checker) that supports the Mcafee Version.
ESAP versions gets updated more frequently than the SA/UAC firmware.
You can ge the newest version from juniper.
Access Protection is part of (some) the Mcafee Suite.
What I experienced what I dug further into this was that some machines are simply too slow and will not release the HC dll files in a timely manner. Marking the HC executable as low risk in Mcafee helps sort this out as the Mcafee only checks the exe not everything the exe touches. Should be ok with that file.