Common Vulnerability and Exposure (CVE) check rules for Windows platforms are supported starting with PCS OS 9.0R1. To configure this Host Checker policy, follow the steps below:
TSB41055 - OPSWAT v3 software EOL Notification
- CVE check rule is supported with active OPSWAT SDK version V4.
- OPSWAT version 3 does not support CVE rules. These rules will always be evaluated as failed and may cause the host checker policy to fail. We recommend to either delete CVE rules or use OPSWAT V4 SDK for CVE rules support.
Configuration on the Pulse Connect Secure device:
- In the admin GUI navigate to Authentication > Endpoint Security > Host Checker
- Create a new policy, or select an existing policy to modify in the Policies section of the page.
- Click the Windows tab
Under Rule Settings, select Predefined: CVE Checks
and click Add.
- Enter a Rule Name for the CVE Check rule.
- From the Criteria, select
- Select Require all supported CVE checks or Check for specific CVE checks then select the specific CVE's from the available list.