I've got users who have upgraded to Norton 2009 products, and now they can't connect to the VPN. This is not good, as it is critical to our business.
Can anyone from Juniper tell us when the new Norton products will be supported? Or is there another location on the Juniper site that has this info?
And how do we prevent this recurring problem, besides telling users not to upgrade or buy new software?
Your best bet would be to add the new process/service/.exe to the host check rules until the software is supported in ESAP.
Unfortunately, with people adding new software to machines without letting you know, this is going to happen.
A new ESAP (1.4.2) was just released, but I didn't see Norton 2009 as being supported in the release notes. I have the same issue with some users upgrading to 2009, then failing the Hostchecker.
Based on the Release notes, it looks like Norton 2009 is NOT supported yet in ESAP 1.4.4. Looks like they made it clear in the notes this time. Maybe 1.4.5 will have it.
I installed and activated 1.4.5 on our test VPN server. (The release notes say that it supports Norton AntiVirus 2009 (v16).) I didn't change any settings. I then asked the affected users to test it. Here are the results:
- Windows XP users: PASSED Host Checker
- Windows Vista users: FAILED Host Checker
So, we're almost there.
I've updated my support ticket regarding this matter.
The only problem we've encountered with 1.4.5 so far is that we had to turn off Host Checker's AntiVirus rule's optional setting "Virus Definition files should not be older than Updates." We had turned it on and set it to 10 updates. But people with up-to-date definition files were not passing Host Checker. But that's an issue for another thread.