KB22348 - Process based Host Check for unsupported software


Information

 
Last Modified Date: 11/23/2015 7:10 PM
Synopsis
This article describes how to create a process-based Host Check for unsupported software or applications, that is, those not listed on the ESAP available products list.

 
Problem or Goal
Scenario:
 
  • In some cases, a client's antivirus, anti-spyware, or similar application is unsupported, that is, it is not on the ESAP product list.
  • In such a scenario, clients may try to connect to PCS/PPS with an unsupported application on their computer. A user connecting to a protected role may not be able to connect as expected and might instead see a non-compliance message from Host Checker in the browser.
  • To overcome this situation, a PCS/PPS administrator can use the process check feature provided by the PCS/PPS OS.
  • If the workaround is acceptable, perform the procedure in the Solution section to configure PCS/PPS for a process check, which inspects whether the process for a particular application is running on the computer. If the process check succeeds, the host check completes; if it fails, the end user will not be able to log on to PCS/PPS.

Example:

If a realm or role is configured with a host check for the mcafee.exe process, every time a client connects to PCS/PPS, the end user computer's memory is inspected for the mcafee.exe process. Host Check will pass only if this process is running.

Note: The code that performs the AV/Spyware detection for us is third-party code sourced from a vendor called OPSWAT. The packages we support are the packages they support. Additionally, the semantics of 'passing the AV checks' are largely determined by OPSWAT and not by us.
Cause
Solution
Perform the following procedure:
 
  1. From the admin GUI, navigate to Endpoint Security > Host Checker.
  2. Under Policies, click New.
  3. In the Policy Name field, type a name for the policy and click Continue.
  4. From the Rule Settings drop-down menu, select Custom: Process, then click Add to add this new rule.
  5. In the RuleName field, type a name for the new rule and specify the Process Name.
  6. Set the rule to Required to ensure that the end user's computer has this process running; otherwise, the host check will fail.
Note: To find the process name, check the computer's Task Manager, refer to the software vendor's documentation, or ask the software vendor.
 
  7. Click Save Changes.
  8. Apply the newly created Process Check to one of the following locations:
    1. Add the Host Checker policy to the User Realm.
    2. Add the Host Checker policy to the User Role.
    3. Add the Host Checker policy to the Role Mapping Rule as a custom expression.
    4. Add the Host Checker policy as a Detailed Rule for a Resource Policy (this setting can be ignored for the IC device).
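
Before the Required rule is enforced on a realm or role, it helps to confirm that the process name typed in step 5 is actually what runs on representative endpoints. The following is an added example, not part of the original article or the vendor's tooling: it assumes you have collected the output of `tasklist /FO CSV /NH` from each endpoint (the host names and captures below are constructed samples), and it compares names case-insensitively, which is a choice of this script rather than a statement about Host Checker's matching.

```python
import csv
import io


def running_images(tasklist_csv):
    """Return lower-cased image names from `tasklist /FO CSV /NH` output."""
    names = set()
    # csv.reader handles the quoted fields, including "41,204 K" memory values.
    for row in csv.reader(io.StringIO(tasklist_csv)):
        if row and row[0].strip():
            names.add(row[0].strip().lower())
    return names


def precheck(required_process, captures):
    """Map each endpoint to True if the required process was seen running."""
    wanted = required_process.strip().lower()
    return {host: wanted in running_images(text)
            for host, text in captures.items()}


def would_fail(required_process, captures):
    """Endpoints where a Required process rule would not be satisfied."""
    results = precheck(required_process, captures)
    return sorted(host for host, ok in results.items() if not ok)


# Constructed sample captures (hypothetical hosts, not real data).
SAMPLE = {
    "pc-01": '"System Idle Process","0","Services","0","8 K"\n'
             '"McAfee.exe","2312","Services","0","41,204 K"\n',
    "pc-02": '"System Idle Process","0","Services","0","8 K"\n'
             '"explorer.exe","4120","Console","1","88,112 K"\n',
    "pc-03": "",  # empty capture: collection failed, treated as not running
}

if __name__ == "__main__":
    # mcafee.exe is the process name used in the article's example.
    for host, ok in sorted(precheck("mcafee.exe", SAMPLE).items()):
        print(f"{host}: {'pass' if ok else 'FAIL'}")
```

Endpoints reported as FAIL would be denied logon once the rule is Required, so resolve them (wrong process name, product not installed, or service stopped) before applying the policy.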
Created By: Data Deployment