We have several users who, through Comcast, have received copies of Norton Security Suite Software version 126.96.36.199. I however am having problems getting the Host Checker to recognize this software. The latest ESAP 1.5.9 also does not have this listed as an accepted Virus Protection Software. Any ideas when this may be available, or if it works under a different Criteria Type (Ex. Norton 360 3.x)?
Since this is a new AV product there is no support for it yet. Juniper is working to resolve the issue. I'm following up to find out which future ESAP version will have this support.
I'll post the version number here once I have more information.
you could work around that by adding custom hostchecker policies. e.g. like that:
by that you ensure, that the process is running and active on the users machine
this helps you to check for various files the Norton Security Suite Software version 188.8.131.52 installs. so you could check if the norton software is installed, by looking for those files on the clientmachine.
you could also try to find the antivirus definition-file(s) and check with the "File modified less than: xx days ago"-Option when the last update of the definitions was performed! like: "if the file wasnt touched for 20 days, its not up2date and gets denied". so you would almost have the functionality of the normal antivirus check. (you have to be sure that the definition-file is not getting touch by any other application though ;-) )
you could also add registry keys or whatever, so hopefully this helps. if yes, please kudo me
For the time being I have created this Custom Process rule to look for ccSvcHst.exe. This will be a temporary workaround until it is officially supported in an ESAP
This issue will be fixed in ESAP 1.5.10. The exact date of the ESAP release is not fixed yet but will mostly make it by April 16th.
Support for this was added in ESAP 1.6.0
Upgrade ESAP to 2.5.1 (the latest) and if still fails, please open up a JTAC case.