Enabling Advanced Endpoint Defense (NSM Procedure)

Host Checker includes integrated antispyware functionality that can detect and remediate Windows endpoints with spyware and keyloggers. Advanced endpoint defense (AED) ensures that malware, spyware, viruses, or worms are not present on endpoints that attempt to connect to the device, and you can restrict or quarantine these endpoints depending on your Host Checker policy configuration.

AED can scan endpoints and provide real-time file system write and execution to automatically remediate machines. AED reports any threats that are detected along with the remediation status.

To enable and use AED antispyware:

  1. In the NSM navigation tree, select Device Manager > Devices. Click the Device Tree tab, and then double-click the Secure Access device for which you want to enable the AED antispyware.
  2. Click the Configuration tab. In the Configuration tree, select Authentication > Endpoint Security > Host Checker.
  3. Select Settings > Policies, and then click New.
  4. Enter a name for the policy in the Policy Name box.
  5. In the Policy Type list, select Advanced Endpoint Defense Policy.
  6. In the Policy Info page, select the Enable Signature definitions check box. This sets the age of the signature definitions database.
  7. Enter the frequency in the Check that Signature definitions are updated in (days) box. This function does not change the frequency of updates. This number determines the maximum permissible age of signatures.
  8. Click one:
    • OK—Saves the changes.
    • Cancel—Cancels the modifications.

Note: When you create or configure realm or role Host Checker restrictions, you can select Advanced Endpoint Defense: Malware Protection to apply to that role or realm.

Related Documentation