I manage the OESIS OK Certification program at OPSWAT, which is in place to get AV/security software vendors to work with us to ensure that their programs work with Juniper Host Checker (and a huge variety of other applications).
I know Juniper is committed to ensuring interoperability (they are sponsors of the certification program) and we at OPSWAT devote a lot of resources to interacting with the AV vendors to make sure that they know what we do and that we support their products.While we are able to do a lot on our own, we do require the participation of the software vendors in order to make their products work with Juniper. It is to them you should look for help resolving this bug.
With both McAfee and Symantec, we have had many discussions trying to get them to sign up and include us in their release pipeline so that their applications are already supported when they are in a final release state. However, at this point these companies have not completed the partnership process.
What does get their attention, however, are requests directly from consumers. I encourage anyone who faces challenges like this to contact your security software vendor. Our partnership program is free. Because we are so proactive, vendors often don't undertand that we need their participation. That is until they release an update/product that breaks support and they hear from customers.
The Norton/Comcast issue was brought to our attention last week from another technology vendor. We contacted Symantec (they had been made aware of it in their user forums) and they, very helpfully, got us what we needed to add support. It will be part of the OESIS Framework update we are rolling out today. However, while this solves this particular issue, we really need them to make us a part of their release schedule via OESIS OK.
I am happy to answer any questions this raises.
Thanks for the update. I passed it on to my users. Hopefully they are more proactive in working with you. I did send them an email encouraging them to work with Opswat more closely.
We at OPSWAT are aware that consumption of OESIS Framework updates by Juniper (and other partners) for inclusion in Hostchecker features released to end customers can be painful for Juniper and for its customers.
We are committed to releasing OESIS more frequently (currently weekly, with a goal of daily updates by end of 2014) and to make it easier for Juniper to validate OESIS releases and incorporate into their packages.
In addition, OPSWAT recently released a configurable client, GEARS, which auto-updates OESIS and stores endpoint device compliance status in the Windows Registry or Mac OS p-list.
The Host Checker can access and use this information through implementing either a (1) the default Antivirus Rule or (2) a custom process / registry checks.
A Hostchecker-GEARS configuration guide is posted at http://files.cdn.opswat.com/www.opswat.com/files/g
Using GEARS together with Hostchecker should reduce the number of issues you encounter with your end users being blocked due to their running an unrecognized endpoint security application.