When using Symantec Network Access Control (SNAC) with the On-Demand client downloaded from a Gateway Enforcer, the built-in Host Integrity criteria for checking the SEP install status and definition date do not work correctly with SEP 12.1 RU4 and later on Macintosh OS X.
The RU4 release of Symantec Endpoint Protection (SEP) contained many improvements to the Macintosh client, including changes to process names and definition locations, which affected existing built-in Host Integrity checks.
The attached files contain custom Host Integrity scripts that can successfully check the install status and definition dates for newer SEP clients.
After importing the files under Policies -> Host Integrity in the SEPM console, the "[SEP MAC RU4 and after] Check running status" and "[SEP MAC RU4 and after] Check signature up to date" criteria can be copy/pasted into existing Host Integrity policies.
The Check signature up to date script can take additional parameters to customize the check. The parameters are entered under "Execute the command.." in the "Utility: Run a script" step within the criteria.
Compare current definitions on the client with a particular date