This article describes an issue where Spybot - Search & Destroy immunization causes connection issues with VPN tunneling clients and JSAM.
Problem or Goal
If Spybot - Search & Destroy is installed, and used to Immunize the client machine, this will result in the host file being set to "Read-Only" and over 14,000 entries being added. This can cause connection issues when using Network Connect, Pulse Secure Desktop, and JSAM in cases when host file modification is required.
Pulse Secure Desktop Client and NC: See KB19294 for more information on when hosts file modification is required using NC or Pulse Secure Desktop Client (L3) connection.
JSAM: For JSAM to function, it must listen on loopback addresses for client requests to network application servers. The recommended process for mapping application servers to a user’s local PC is to enable the automatic host-mapping option, which enables the PCS to automatically modify the PC hosts file to point application servers to the localhost for secure port forwarding. For the PCS to perform automatic host-mapping, however, PC users must have the proper privileges on their machines. If your PC users do not have these privileges, you must ensure that your internal application server names resolve externally to a PC’s localhost by adding entries to your external Internet-facing DNS server. For more information, please see the Secure Access Administration Guide.
"Read-Only" attribute set on the host file
Spybot entries added
Host file size increase
Remove the"'Read-Only" attribute from the host file and if needed, feel free to remove any unnecessary entries.