to update
been busy with Juniper Support for a couple days now. Today even had conference call for about an hour with them (luckily they called me
).
OPSWAT is a thirdparty tool that Juniper is using for their so called HOST CHECKER.
This host checker checks for different rules that I configure.
My rule is that there should be a valid AV product installed that is running realtime protection.
OPSWAT added support for detecting Avast Business Protection (Plus). KUDOS!
So far so good.
Now, what me and the engineer concluded out of our session today is the following:
The host checker (OPSWAT basicly) DOES detect Avast is installed.
BUT
The host checker needs elevated rights to be able to detect if avast has the realtime protection turned on.
-When i logged in as a regular user on the computer, host checker FAILED the check (and thus not giving the option to make VPN connection)
-When i logged in as a domain administrator (which is part of the local administrators group), host checker FAILED the check (and thus not giving the option to make VPN connection)
-When i logged in as the local administrator of the machine, host checker PASSED the check and showed the option to make VPN connection.
-When i disabled UAC and logged in as a domain administrator, host checker PASSED the check and showed the option to make VPN connection.
-When i disabled UAC and logged in as a regular user, host checker FAILED the check (and thus not giving the option to make VPN connection)
The Juniper Engineer is in contact with Avast about this and im in the middle of all this of course.
Either OPSWAT has to change how the host checker checks, or Avast has to change the admin rights to check for realtime protection being turned on or not. Right now the shot is at the last option.
so far the update.