ZyXEL Communications unified security gateway 42.1.1 What You Can Do in this Chapter, 42.1.2 What You Need to Know

Chapter 42 Endpoint Security

42.1.1 What You Can Do in this Chapter

Use the Configuration > Object > Endpoint Security screens (Section 42.2 on page 623) to create and manage endpoint security objects.

42.1.2 What You Need to Know

What Endpoint Security Can Check

The settings endpoint security can check vary depending on the OS of the user’s computer. Depending on the OS, EPS can check user computers for the following:

•Windows Auto Update setting

•Installed security patches

•Personal firewall installation and activation

•Anti-virus installation and activation

•Windows registry settings

•Processes that the endpoint must execute

•Processes that the endpoint cannot execute

•The size and version of specific files

Multiple Endpoint Security Objects

You can configure an authentication policy or SSL VPN policy to use multiple endpoint security objects. This allows checking of computers with different OSs or security settings. When a client attempts to log in, the ZyWALL checks the client’s computer against the endpoint security objects one-by-one. The client’s computer must match one of the force authentication or SSL VPN policy’s endpoint security objects in order to gain access.

Requirements

User computers must have Sun’s Java (Java Runtime Environment or ‘JRE’) installed and enabled with a minimum version of 1.4.

Finding Out More

See Section 7.7 on page 126 for an example of how to use endpoint security and authentication policies.