ZyXEL Communications 3.1 User Manual

Chapter 35 Endpoint Security

ZyWALL (ZLD) CLI Reference Guide

275

Now Peter can create the EPS object profile as the example shown next. Note that he uses the
matching-criteria all

command to make sure all users’ computers have the required software

installed and settings being configured before they access the company’s SSL VPN.

Then he leaves the sub-command mode and uses the show command to view the EPS object
settings.

See

Chapter 18 on page 151

for how to configure an SSL VPN using this EPS object .

For users who fail the endpoint security checking, Peter decides to show them an error message of
“Endpoint Security checking failed. Contact helpdesk at #7777 if you have any questions.” The
following shows how to configure the error message.

Router(config)# eps profile EPS-Example

Router(eps EPS-Example)# windows-version windows-xp

Router(eps EPS-Example)# personal-firewall activate

Router(eps EPS-Example)# anti-virus activate

Router(eps EPS-Example)# windows-auto-update enable

Router(eps EPS-Example)# windows-service-pack 2

Router(eps EPS-Example)# personal-firewall Windows_Firewall detect-auto-protection

enable

Router(eps EPS-Example)# anti-virus Kaspersky_Anti-Virus_v2011 detect-auto-

protection enable

Router(eps EPS-Example)# matching-criteria all

Router(eps EPS-Example)# exit

Router(config)#

Router(eps EPS-Example)# exit

Router(config)# show eps profile

description:

os type: windows

windows version: windows-xp

matching criteria: all

anti-virus activation: yes

anti-virus: 1

detect auto-protection: enable

personal firewall activation: yes

personal firewall: 1

detect auto-protection: enable

windows update: enable

windows service pack: 2

windows security patch:

windows registry:

trusted application:

forbidden application:

file information:

reference count: 1

Router(config)#

Router(config)# eps failure-messages "Endpoint Security checking failed. Contact

helpdesk at #7777 if you have any questions."

Router(config)#