ZyXEL Communications 91-009-073003B Endpoint Security, 44.1 Overview

44

Endpoint Security

44.1 Overview

Use Endpoint Security (EPS), also known as endpoint control, to make sure users’ computers comply with defined corporate policies before they can access the network or an SSL VPN tunnel. After a successful user authentication, a user’s computer must meet the endpoint security object’s Operating System (OS) option and security requirements to gain access. You can configure the endpoint security object to require a user’s computer to match just one of the endpoint security object’s checking criteria or all of them. Configure endpoint security objects to use with the authentication policy and SSL VPN features.

For example, an authentication policy could use an endpoint security object that requires a LAN user’s computer to pass all of the object’s checking items in order to access the network. LAN user A passes all of the checks and is given access. An SSL VPN tunnel could use a different endpoint security profile that only requires the user’s computer to match at least one checked item. SSL VPN user B matches at least one of the items checked by the SSL VPN’s endpoint security object and is granted access to the system resource defined in the SSL VPN access policy; in this example a web server. SSL VPN user C fails all of the SSL VPN’s endpoint security check and is not given any access.

Figure 379 Endpoint Security