Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Enabling Predefined Client-Side Policies for Windows Only (NSM Procedure)

    The Secure Access device comes equipped with predefined client-side Host Checker policies that you simply need to enable, not create or configure, to use them. The connection control policies work only on Windows systems. It includes:

    Enabling Connection Control Policies

    The predefined connection control Host Checker policy prevents attacks on Windows client computers from other infected computers on the same physical network. The Host Checker connection control policy blocks all incoming TCP connections. This policy allows all outgoing TCP and Network Connect traffic, as well as all connections to DNS servers, WINS servers, DHCP servers, proxy servers, and the Secure Access device.

    Note: Users must have administrator privileges for the Host Checker to enforce the connection control policy on the client computer.

    To enable the predefined Host Checker connection control policy:

    1. In the NSM navigation tree, select Device Manager > Devices. Click the Device Tree tab, and then double-click the Secure Access device for which you want to enable the predefined Host Checker connection control policy.
    2. Click the Configuration tab, and select Authentication > Endpoint Security > Host Checker.
    3. Select Settings > Options, and then select the Perform dynamic policy reevaluation check box.
    4. Click one:
      • OK—Saves the changes.
      • Cancel—Cancels the modifications.

    Note: You must evaluate or enforce the connection control policy at the realm level to make the policy effective on client computers.

    Published: 2013-01-03