Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Host Checker Third-Party Applications Using Predefined Rules (NSM Procedure)

    Host Checker comes pre-equipped with a vast array of predefined rules that check for antivirus software, firewalls, malware, spyware, and specific operating systems from a wide variety of industry leaders. You can enable one or more of these rules within a Host Checker client-side policy to ensure that the integrated third-party applications that you specify are running on your users’ computers in accordance with your specifications. For firewall and antivirus rules, you can specify remediation actions to automatically bring the endpoint into compliance.

    To configure third-party applications using predefined rules:

    1. In the navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the Secure Access device for which you want to configure Host Checker third-party applications using predefined rules.
    3. Click the Configuration tab and select Authentication > Endpoint Security > Host Checker. The corresponding workspace appears.
    4. Create a new policy or click an existing policy in the Policies section of the page.
    5. Click the tab that corresponds to the operating system for which you want to specify Host Checker options—Windows, Mac, Linux, Solaris and Windows Mobile. In the same policy, you can specify different Host Checker requirements for each operating system.
    6. Add and modify settings as specified inTable 1.
    7. Specify the support products or vendors for a system scan check.
    8. Click one:
      • OK—Saves the changes.
      • Cancel—Cancels the modifications.

    Table 1: Configuring Host Checker Third-Party Applications Using Predefined Rules Details

    OptionFunctionYour Action
    Predefined Antivirus Rules

    Rule Name

    Specifies the name for Antivirus rule.

    Enter the rule name.

    Select Products

    Specifies the support products or vendors for system scan check.

    Select one of the following options:

    • Require any supported product—Specifies the software vendor’s product that is supported for the system scan check.
    • Require specific products/Vendors—Specifies the specific vendor for the system scan check.

    Require any supported product from a specific vendor

    Checks for any product (rather than requiring you to select every product separately).

    Select the Require any supported product from a specific vendor to enable this feature.

    Require specific products

    Checks for specific products/vendors to define compliance by allowing any product by a specific vendor (for example, any Symantec product).

    Select the Require specific products to enable this feature.

    Enable Scan period check

    Enables the System scan for the product.

    Select the Enable Scan period check to enable this feature.

    Successful System Scan must have been performed in the last: (days)

    Specifies the days to perform the system scan.

    Enter the days.

    Consider this rule as passed if 'Full System Scan' was started successfully as remediation.

    Passes the rule if system full scan starts successfully as remediation.

    Select the Consider this rule as passed if 'Full System Scan' was started successfully as remediation. to enable this feature.

    Enable virus definitions update check

    Checks for the viral updates.

    Select the Enable virus definitions update check to enable this feature.

    Virus Definition files should not be older than (updates)

    Specifies the update of client Virus definition files the client must use.

    Enter a number between 1 and 10. For example: If you enter 1, the client must have the latest update. You must import the virus signature list for the supported vendor.

    Monitor this rule for change in result

    Continuously monitors the policy compliance of endpoints.

    Select the Monitor this rule for change in result to enable this feature.

    Enable Download latest virus definition files for all supported products

    Allows you to download latest virus definition files for all supported products.

    Select the Enable Download latest virus definition files for all supported products to enable this feature.

    Enable Turning on Real Time Protection for all supported products

    Enables turning on real time protection for all supported products.

    Select the Enable Turning on Real Time Protection for all supported products to enable this feature.

    Enable Starting of Antivirus Scan for all supported products

    Scans supported products with antivirus scan.

    Select the Enable Starting of Antivirus Scan for all supported products to enable this feature.

    Selected Vendors tab

    Selected Vendors

    Allows you to select the specific vendors.

    Select the vendor, and then click Add to move the vendor from the Non-members to the Members list.

    Specific Products Selected tab

    Specific Products Selected

    Allows you to select the specific products.

    Select the product, and then click Add to move the product from the Non-members to the Members list.

    Selected Products tab

    Product name

    Allows you to select the product.

    Select the product from the Product name drop-down list.

    live-update

    Allows live-update for the product.

    Select the live-update option to enable this feature.

    set-real-time-protection-on

    Allows real-time protection for the product.

    Select the set-real-time-protection on option to enable this feature.

    start-scan

    Starts the scanning process for the product.

    Select the start-scan option to enable this feature.

    Predefined Firewall Rules

    Rule Name

    Specifies the name for the firewall rule.

    Enter the name.

    Select Products

    Allows you to select your firewall vendor(s) and product(s).

    Select one of the following options from the drop-down list:

    • Require any supported product—Specifies the software vendor’s product that is supported for the system scan check.

    • Require specific products/vendors—Specifies the specific vendor for the system scan check.

    Require any supported product from a specific vendor

    Checks for any product (rather than requiring you to select every product separately)

    Select the Require any supported product from a specific vendor to enable this feature.

    Require specific products

    Specifies specific products/vendors, and defines compliance by allowing any product by a specific vendor (for example, any Symantec product).

    Select the Require specific products to enable this feature.

    Monitor this rule for change in result

    Continuously monitors the policy compliance of endpoints.

    Select the Monitor this rule for change in result to enable this feature.

    Turn on firewall for all supported products

    Turns on the Firewall.

    Select the Turn on firewall for all supported products to enable this feature.

    Selected Vendors tab

    Selected Vendors

    Allows you to select the specific vendors.

    Select the vendor, and then click Add to move the vendor from the Non-members to the Members list.

    Specific Products Selected tab

    Specific Products Selected

    Allows you to select the specific products.

    Select the product, and then click Add to move the product from the Non-members to the Members list.

    Selected Products

    Product name

    Allows you to select the product.

    Select the product from the Product name drop-down list.

    turn-on-firewall

    Turns on the Firewall for the product.

    Select the turn-on-firewall option to enable this feature.

    Predefined Malware Rules

    Rule Name

    Specifies the name of the Malware rule.

    Enter the Malware rule name.

    Monitor this role for change in result

    Continuously monitors the policy compliance of endpoints.

    Select the Monitor this role for change in result to enable this feature.

    Selected Products

    Allows you to select the products.

    Select the product, and then click Add to enable this feature.

    Predefined Spyware Rules

    Rule Name

    Enter the name for the spyware rule.

    Enter the name.

    Select Products

    Allows you to select products or vendors

    Select one of the following options from the drop-down list:

    • Require any supported product—Specifies the software vendor’s product that is supported for the system scan check.
    • Require specific products/vendors—Specifies the specific vendor for the system scan check.

    Require any supported product from a specified vendor

    Checks for any product (rather than requiring you to select every product separately).

    Select the Require any supported product from a specific vendor option to enable this feature.

    Require specific products

    Specifies specific products/vendors, and defines compliance by allowing any product by a specific vendor (for example, any Symantec product).

    Select the Require specific products option to enable this feature.

    Monitor this rule for change in result

    Continuously monitors the policy compliance of endpoints.

    Select the Monitor this rule for change in result option to enable this feature.

    Selected Vendors tab

    Selected Vendors

    Allows you to select the vendors.

    Select the vendor, and then click Add to move the vendor from the Non-members to the Members list.

    Specific Products Selected tab

    Specific Products Selected

    Allows you to select specific products.

    Select the product, and then click Add to move the product from the Non-members to the Members list.

    Selected Products

    Product name

    Allows you to select the product.

    Select the product from the Product name drop-down list.

    Predefined OS Checks Rules

    Rule Name

    Specifies the name for the OS Checks rule.

    Enter the name.

    OS Selections

    Specifies the operating systems.

    Select the operating system, and then click Add to move from the Non-members to the members list.

    Published: 2013-01-03