Reset Search
 

 

Article

KB43928 - How to configure Common Vulnerability and Exposure (CVE) Check Rules for Windows OS using Host Checker

« Go Back

Information

 
Last Modified Date11/1/2018 11:01 PM
Synopsis
This article provides the steps to configure a Host Checker policy to configure Common Vulnerability and Exposure (CVE) check rules for Windows OS.
Problem or Goal
To protect against endpoints that may be vulnerable to attacks, Host Checker provides a CVE check rule that can identify vulnerable endpoints using the OPSWAT library.  
Cause
Solution
Common Vulnerability and Exposure (CVE) check rules for Windows platforms are supported starting with PCS OS 9.0R1.  To configure this Host Checker policy, follow the steps below:

NOTE: 
  • CVE check rule is supported with active OPSWAT SDK version V4.
  • OPSWAT version 3 does not support CVE rules. These rules will always be evaluated as failed and may cause the host checker policy to fail. We recommend to either delete CVE rules or use OPSWAT V4 SDK for CVE rules support.
TSB41055 - OPSWAT v3 software EOL Notification

Configuration on the Pulse Connect Secure device:

  • In the admin GUI navigate to Authentication > Endpoint Security > Host Checker
  • Create a new policy, or select an existing policy to modify in the Policies section of the page.
  • Click the Windows tab
       Under Rule Settings, select Predefined: CVE Checks and click Add.
User-added image
  • Enter a Rule Name for the CVE Check rule. 
  • From the Criteria, select
  • Select Require all supported CVE checks or Check for specific CVE checks then select the specific CVE's from the available list.
User-added image
  • Click Save Changes.
 
    Related Links
    Attachment 1 
    Created BySahil Mahajan

    Feedback

     

    Was this article helpful?


       

    Feedback

    Please tell us how we can make this article more useful.

    Characters Remaining: 255