Filter
Top Products
Chapter 35 Endpoint Security
ZyWALL (ZLD) CLI Reference Guide
275
Now Peter can create the EPS object profile as the example shown next. Note that he uses the
matching-criteria all command to make sure all users’ computers have the required software
installed and settings being configured before they access the company’s SSL VPN.
Then he leaves the sub-command mode and uses the show command to view the EPS object
settings.
See Chapter 18 on page 151 for how to configure an SSL VPN using this EPS object .
For users who fail the endpoint security checking, Peter decides to show them an error message of
“Endpoint Security checking failed. Contact helpdesk at #7777 if you have any questions.” The
following shows how to configure the error message.
Router(config)# eps profile EPS-Example
Router(eps EPS-Example)# windows-version windows-xp
Router(eps EPS-Example)# personal-firewall activate
Router(eps EPS-Example)# anti-virus activate
Router(eps EPS-Example)# windows-auto-update enable
Router(eps EPS-Example)# windows-service-pack 2
Router(eps EPS-Example)# personal-firewall Windows_Firewall detect-auto-protection
enable
Router(eps EPS-Example)# anti-virus Kaspersky_Anti-Virus_v2011 detect-auto-
protection enable
Router(eps EPS-Example)# matching-criteria all
Router(eps EPS-Example)# exit
Router(config)#
Router(eps EPS-Example)# exit
Router(config)# show eps profile
name: EPS-Example
description:
os type: windows
windows version: windows-xp
matching criteria: all
anti-virus activation: yes
anti-virus: 1
name: Kaspersky_Anti-Virus_v2011
detect auto-protection: enable
personal firewall activation: yes
personal firewall: 1
name: Windows_Firewall
detect auto-protection: enable
windows update: enable
windows service pack: 2
windows security patch:
windows registry:
trusted application:
forbidden application:
file information:
reference count: 1
Router(config)#
Router(config)# eps failure-messages "Endpoint Security checking failed. Contact
helpdesk at #7777 if you have any questions."
Router(config)#