ZyXEL Communications 91-009-073003B 44.1.1 What You Can Do in this Chapter, 44.1.2 What You Need to Know

Chapter 44 Endpoint Security

44.1.1 What You Can Do in this Chapter

Use the Configuration > Object > Endpoint Security screens (Section 44.2 on page 667) to create and manage endpoint security objects.

44.1.2 What You Need to Know

What Endpoint Security Can Check

The settings endpoint security can check vary depending on the OS of the user’s computer. Depending on the OS, EPS can check user computers for the following:

•Operating System (Windows, Linux, Mac OSX, or others)

•Windows version and service pack version

•Windows Auto Update setting and installed security patches

•Personal firewall installation and activation

•Anti-virus installation and activation

•Windows registry settings

•Processes that the endpoint must execute

•Processes that the endpoint cannot execute

•The size and version of specific files

Multiple Endpoint Security Objects

You can configure an authentication policy or SSL VPN policy to use multiple endpoint security objects. This allows checking of computers with different OSs or security settings. When a client attempts to log in, the ZyWALL checks the client’s computer against the endpoint security objects one-by-one. The client’s computer must match one of the force authentication or SSL VPN policy’s endpoint security objects in order to gain access.

Requirements

User computers must have Sun’s Java (Java Runtime Environment or ‘JRE’) installed and enabled with a minimum version of 1.4.

Finding Out More

See Section 7.7 on page 133 for an example of how to use endpoint security and authentication policies.