Chapter 42 Endpoint Security

42.1.1 What You Can Do in this Chapter

Use the Configuration > Object > Endpoint Security screens (Section 42.2 on page 623) to create and manage endpoint security objects.

42.1.2 What You Need to Know

What Endpoint Security Can Check

The settings endpoint security can check vary depending on the OS of the user’s computer. Depending on the OS, EPS can check user computers for the following:

Windows Auto Update setting

Installed security patches

Personal firewall installation and activation

Anti-virus installation and activation

Windows registry settings

Processes that the endpoint must execute

Processes that the endpoint cannot execute

The size and version of specific files

Multiple Endpoint Security Objects

You can configure an authentication policy or SSL VPN policy to use multiple endpoint security objects. This allows checking of computers with different OSs or security settings. When a client attempts to log in, the ZyWALL checks the client’s computer against the endpoint security objects one-by-one. The client’s computer must match one of the force authentication or SSL VPN policy’s endpoint security objects in order to gain access.

Requirements

User computers must have Sun’s Java (Java Runtime Environment or ‘JRE’) installed and enabled with a minimum version of 1.4.

Finding Out More

See Section 7.7 on page 126 for an example of how to use endpoint security and authentication policies.

622

 

ZyWALL USG 20/20W User’s Guide