We're running an IVE version 6.5R1 with ESAP 1.6.7. We have some clients running Symantec Client Security (version 10.1.0.394) that are having problems getting past Host Checker.
The machines (laptops for field inspectors, engineers, etc.) have the full scan disabled because the laptop's CPU will get bogged down once they boot it up. Instead, they enabled a real-time virus scan that scans files while being uploaded/downloaded. So, they don't run a full scan periodically.
Can Host Checker still support this? Originally, we set up HC so that any user would have to have run a full scan in order to be compliant. We would like HC to support the real-time scanning so that it considers the laptop compliant.
Any other suggestions? I also thought about setting up a different sign-in page and could apply HC policies specific to these workstations, though I don't see how I could do anything differently.
In your Host Checker policy add another check for you Symantec Client Security 10 product, then at the bottom of the screen check the box to enable real time protection.
Back in your Host Checker policy select "Any of the above Rules" and HC will pass for whichever rule they are compliant with, or you can create a custom expression if your HC policy is more complex.
Thanks for the reply.
Doesn't the real-time protection refer to enabling it on the client for remediation purposes? My concern here is that the clients specifically don't have a periodic scan done, just real time is enabled on the Symantec client. So, they should already have this turned on.
Is this the same thing?