We have just upgraded to BIG-IP 126.96.36.199 and APM Client 7.2.2.
We have access policy that controls the antivirus version before logging in.
Rule 1 for Symantec Endpoint and Rule 2 for Windows Defender.
Some computers are blocked because when the information is returned, the first antivirus returned is Windows Defender and the rules no longer match .
For the same computer at the next attempt, the order of the information is reversed, it is SEP that goes up first and in this case the rules match, in this case the user is logged .
We have updated the latest EPSEC package but nothing is done.
Have you ever noticed this problem?
Thanks and Regard
You shouldn't need a different rule for each AV engine. You can specify all the acceptable AV engines in a single agent instance, and then have rules for pass or fail. That way the order in which they are detected is irrelevant.
We have tried several things and unfortunately Antivirus never go back in the same order despite declaring that SEP or Defender or Defender ATP, the three antivirus are always reported but in different orders at each connection.