If you have a Juniper / Pulse Secure VPN device and you use the Host Checker to confirm that connecting PC’s have an Anti Virus on them, you will eventually have a situation in which you need to allow and AV that is not on the ESAP list. In my case the situation was that AVAST for Mac had auto-upgraded to version 12 but the ESAP only supported versions 10 and 11. To get around this you can have the HOST CHECKER look for a “process” rather than a just the supported AV products:
- From the admin GUI, navigate to Endpoint Security > Host Checker
- Under Policies, click New.
- In the Policy Name field, type a name for the policy and click Continue:
- From the Rule Settings drop-down menu, select Custom: Process, then click Add to add this new rule.
- In the Rule Name field, type a name for the new rule and specify the Process Name.
- Set the rule to Required to ensure that the end user’s computer has this process running or else, host check would fail.
- Click Save Changes
Note 1: You can refer the computer’s Task Manager; refer to software vendor documentation or check with the software vendor for the process name.
Note 2: You can use asterisk wildcard(s). Avast 12 is most likely running on a Mac as com.avast.MacAvast.MAD but relying on users to get this information is difficult so I just used *avast* as you can see in the screen shot. I confirmed with Pulse Secure support that this would work but
Then set your Host Checker Settings Policy to ANY OF THE ABOVE RULES.