I'm currently investigating options for supporting remote users on Macintosh computers. We're not currently Juniper customers. Our corporate policy is that any machine connecting to our remote access infrastructure have up-to-date antivirus software with realtime protection enabled. Our current SSL VPN vendor only supports Macs in a very limited fashion, and doesn't provide the robust checking we need.
Does anyone have experience with how well the host checker on a Juniper box works under MacOS? Specifically, I'm looking for the checks mentioned above, as well as supporting Snow Leopard.
I've seen in the Juniper documentation mention of pre-defined checks for antivirus/firewall/etc, but the documentation states that those are only for Windows. Is that still the case?
That is still the case. As of the latest release the SA can only check against files, processes and ports on the Macintosh platform.
You can use these to look for the AV / firewall files and processes which would be a decent solution, though it could be spoofed by renaming files and processes.
Hope this helps!
You can limit the files by age, and also by MD5 hash matching. The worst part of this is keeping the rules up-to-date when new versions are released.