02-23-2012 10:53 AM
I am running to w weird issue where users will get a host checker failuer on the antivirus call Sophos afte the user logon through network connect. It doe snot happen every minute. It randomly will give the user the error. The host check is set to check every 10 minutes. The users have uninstall all the Juniper software and let it reinstall again. I am running the latest ESAP version 2.1.0 and IVE OS 7.1 R6 for SA2000. Sophos version 9.5.5 is compatible with the latest ESAP and the users laptop are up to date. The juniper engineer has no clue why this is happening. Here is the exact error: Host Checker policy 'AntiVirus' failed on host x.x.x.x for user. Reason: 'Sophos Anti-Virus 9.5.5 does not comply with policy. Compliance requires real time protection enabled.; Anti-Virus or Anti-Spyware software listed in security requirements is not installed.; Sophos Anti-Virus 9.5.5 does not comply with policy. Compliance requires real time protection enabled.; Anti-Virus or Anti-Spyware software listed in security requirements is not installed.; Anti-Virus or Anti-Spyware software listed in security requirements is not installed.'.
Sophos 9.x is part of the antivirus host checker policy.
Any help would be appreciated.
02-24-2012 06:20 AM
I am still working with Juniper engineer. He is telling me to gather these logs and run trace but it is hard to do it when the error happen randomly and not at a certian time. The error is quick so the user can not take a screenshot and the network connect will successfully reconnect itself. I wonder if it has to do with OPSWAT but not sure. It is a werid one. One user try to uninstall all teh Juniper software but still get the host checker error. The Case #2012-0220-0328
Thanks in advance.
02-25-2012 06:44 AM
03-01-2012 07:13 AM
Sophos is always up to date when it is failing. I set the antivirus rule to check every 30 minutes and virus def files should not be older than 10 updates but it still does not detect the Sophos antivirus.
03-01-2012 10:59 AM
I reached out to the case owner and gave a few suggestions. It looks like we need to run a few more tests on the machine to determine if this is an issue with our third party or hostchecker itself.