Barracuda Networks VERSION SP4 1.4.5 Health State Requirements

14 Introduction

If the client fails during a specific time it's state is changed to "Unhealthy". In other terms the client is

put into quarantine. This means that the client enables it's latest quarantine rule set.

On the Barracuda NG Firewall the proper state is propagated to the firewall engine where limited

access can therefore be enforced.

1.4.5 Health State Requirements

The following list provides an overview of the available Health State requirements. Failing a health

state requirement can either trigger automatic "self-remediation" or can require a manual action of the

user.

The desired behavior is configurable since some versions of Antivirus- or Antispyware do not fully

support auto-remediation. In case of manual action the user is informed about the required actions by

the Barracuda NG Access Monitor.

A list of all supported AV and AS engines is available via Access Control Service Trustzone > Support

Chart (see also 2.4.8 Support Chart, page 40).

Beside Barracuda Networks specific information, where health state requirements primarily depend on

Antivirus or Antispyware settings, the following requirements can be verified:

•Service Settings

• Is the installed Barracuda NG Personal Firewall active?

• Is the installed Virus Scanner active?

• Is the installed Spyware Scanner active?

•Antivirus Settings

• Which Virus Scanner vendors are allowed?

• Enabled AV Real Time Protection?

• When was the last AV Scan performed?

• When was the AV Engine updated?

• When were the AV Pattern Definitions updated?

•Antispyware Settings

• Which Spyware Scanner vendors are allowed?

• Enabled AS Real Time Protection?

• When was the last AS Scan performed?

• When was the AS Engine updated?

• When were the AS Pattern Definitions updated?

•Advanced Health State

• Which versions of the health suite are allowed?

•Miscellaneous

• Are specific Registry keys set?

• Which Microsoft hotfixes or service packs are present?

To verify these requirements, each Access Control Service depends on up-to-date information of AV

and AS products.

Barracuda Networks provides an online update service that helps Barracuda NG Network Access

Client Clients to recognize and activate AV and AS products.

Even the quarantine rule set must at least enable the client to connect to the Access Control Service, to the

Microsoft active directory, and to the remediation servers. Depending on the company's infrastructure, more

connections should be available to restore the client's health state to "Healthy" again.