SSL VPN host-check-policy (A and B) or (A and C)

Fortigate: 6.0.6 This is related to https://kb.fortinet.com/k....do?externalID=FD39129 and to https://kb.fortinet.com/k....do?externalID=FD48982 We have defined a custom host check to only allow access from systems that are member of our domain, that have specific files in a given folder and that run certain programs. We would like to add an antivirus check to that. The difficulty is that we are in the process of upgrading the anti virus software, and noticed that the old version has a different GUID from the new one.  Due to circumstances beyond our control, we expect it will take several months before everyone is running the same version again. We configured the host-check-software similar to this: config vpn ssl web host-check-software     edit "Domain check"         config check-item-list             edit 1                 set type registry                 set target "HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters:Domain=ours.com"             next             (...)             edit 5                 set type process                 set target something-essential.exe             next         end     next     edit "AV virusscan 1"         set version "18"         set guid "mmmmmmm"     next     edit "AV virusscan 2"         set version "19"         set guid "nnnnnnn""     next end

But how do you define the host-check-policy so that either the 1st and 2nd or the 1st and 3rd condition must be met for a given portal? (I.e. (A and B) or (A and C)) Kind regards, Herta