| Chapter 35 Endpoint Security |
|
|
Table 161 Endpoint Security Object Commands | |
COMMAND | DESCRIPTION |
[no] | Sets a permitted personal firewall. If you want to enter multiple personal firewalls, |
personal_firewall_softwar | use this command for each of them. Use the list signature |
e_name | command to view the available personal firewall software package options. |
protection {enable | |
disable ignore} | |
| only detectable for the installation but also detectable for the activation status. You |
| can check the settings for each firewall software by using the show eps signature |
| |
| The user’s computer must have one of the listed personal firewalls to pass this |
| checking item. For some personal firewalls the ZyWALL can also detect whether or |
| not the firewall is activated; in those cases it must also be activated. |
|
|
[no] application | If you selected windows or linux as the operating system (using the |
command), you can use this command to set an application that a user’s computer is | |
process_name | not permitted to have running. If you want to enter multiple applications, use this |
| command for each of them. |
| The user’s computer must not have any of the forbidden applications running to pass |
| this checking item. |
| Include the filename extension for Linux operating systems. |
|
|
[no] application trusted- | If you selected windows or linux as the operating system (using the |
process process_name | command), you can use this command to set an application that a user’s computer |
| must be running. |
| The user’s computer must have all of the trusted applications running to pass this |
| checking item. |
| Include the filename extension for Linux operating systems. |
|
|
[no] description | Type a description for this endpoint security object. You can use alphanumeric and |
description | ()+/:=?!*#@$_%- characters, and it can be up to 60 characters long. |
|
|
[no] | If you selected windows or linux as the operating system (using the |
file_path | command), you can use this command to check details of specific files on the user’s |
| computer. |
| The user’s computer must pass one of the file information checks to pass this |
| checking item. |
|
|
[no] | Sets whether the size of the file on the user’s computer has to be equal to (eq), |
file_path {eq gt lt | greater than (gt), less than (lt), greater than or equal to (ge), less than or equal to |
ge le neq} | (le), or not equal to (neq) the size of the file specified. |
<1..1073741824> |
|
[no] | Sets whether the version of the file on the user’s computer has to be equal to (eq), |
file_path {eq gt lt | greater than (gt), less than (lt), greater than or equal to (ge), less than or equal to |
ge le neq} file- | (le), or not equal to (neq) the version of the file specified. |
version file_version |
|
[no] | Sets whether the size and version of the file on the user’s computer has to be equal |
file_path {eq gt lt | to (eq), greater than (gt), less than (lt), greater than or equal to (ge), less than or |
ge le neq} | equal to (le), or not equal to (neq) the size and version of the file specified. |
<1..1073741824> {eq gt |
|
lt ge le neq} file- |
|
version file_version |
|
Select the type of operating system the user’s computer must be using. Use the | |
| operating system. If you set this to |
| others allows access for computers not using Windows, Linux, or Mac OSX operating |
| systems. For example you create Windows, Linux, and Mac OSX endpoint security |
| objects to apply to your LAN users. An “others” policy allows access for LAN |
| computers using Solaris, HP, Android, or other operating systems. |
|
|
| 271 |
ZyWALL (ZLD) CLI Reference Guide | |
|
|