Chapter 44 Endpoint Security

44.1.1 What You Can Do in this Chapter

Use the Configuration > Object > Endpoint Security screens (Section 44.2 on page 667) to create and manage endpoint security objects.

44.1.2 What You Need to Know

What Endpoint Security Can Check

The settings endpoint security can check vary depending on the OS of the user’s computer. Depending on the OS, EPS can check user computers for the following:

Operating System (Windows, Linux, Mac OSX, or others)

Windows version and service pack version

Windows Auto Update setting and installed security patches

Personal firewall installation and activation

Anti-virus installation and activation

Windows registry settings

Processes that the endpoint must execute

Processes that the endpoint cannot execute

The size and version of specific files

Multiple Endpoint Security Objects

You can configure an authentication policy or SSL VPN policy to use multiple endpoint security objects. This allows checking of computers with different OSs or security settings. When a client attempts to log in, the ZyWALL checks the client’s computer against the endpoint security objects one-by-one. The client’s computer must match one of the force authentication or SSL VPN policy’s endpoint security objects in order to gain access.

Requirements

User computers must have Sun’s Java (Java Runtime Environment or ‘JRE’) installed and enabled with a minimum version of 1.4.

Finding Out More

See Section 7.7 on page 133 for an example of how to use endpoint security and authentication policies.

666

 

ZyWALL USG 50 User’s Guide