ZyXEL Communications ZLD User Manual
Chapter 35 Endpoint Security
ZyWALL (ZLD) CLI Reference Guide
272
windows-version {windows-
2000 | windows-xp |
windows-2003 | windows-
2008 | windows-vista |
windows-7 | windows-
2008r2}
If you set windows as the operating system (using the os-type command), use this
command to set the version of Windows.
command to set the version of Windows.
matching-criteria {any |
all}
Select whether the user’s computer has to match just one of the endpoint security
object’s checking criteria or all of them.
object’s checking criteria or all of them.
list signature {anti-
virus | personal-firewall
| status}
Displays all the anti-virus software packages, personal firewall software packages or
EPS signature information respectively.
EPS signature information respectively.
The status command displays the EPS signature version, release date and the total
number of software packages for which the ZyWALL’s endpoint security can check.
number of software packages for which the ZyWALL’s endpoint security can check.
[no] windows-auto-update
{enable | disable |
ignore}
If you set windows as the operating system (using the os-type command), you can
use enable with this command if the user’s computer must have the Windows Auto
Update feature installed and activated; use disable if the Windows Auto Update
feature must be installed but deactivated; use ignore if the Windows Auto Update
feature must be installed but does not matter if it is activated or not.
use enable with this command if the user’s computer must have the Windows Auto
Update feature installed and activated; use disable if the Windows Auto Update
feature must be installed but deactivated; use ignore if the Windows Auto Update
feature must be installed but does not matter if it is activated or not.
The no command does not check the Windows Auto Update feature.
[no] windows-service-pack
<1..10>
If you set windows as the operating system (using the os-type command), you can
enter the minimum Windows service pack number the user’s computer must have
installed. The user’s computer must have this service pack or higher. For example, “2”
means service pack 2. The no command means to have the ZyWALL ignore the
Windows service pack number.
enter the minimum Windows service pack number the user’s computer must have
installed. The user’s computer must have this service pack or higher. For example, “2”
means service pack 2. The no command means to have the ZyWALL ignore the
Windows service pack number.
[no] windows-security-
patch security_patch
If you set windows as the operating system (using the os-type command), you can
use this command to set a Windows security patch that the user’s computer must
have installed. If you want to enter multiple security patches, use this command for
each of them.
use this command to set a Windows security patch that the user’s computer must
have installed. If you want to enter multiple security patches, use this command for
each of them.
The user’s computer must have all of the set Windows security patches installed to
pass the checking item.
pass the checking item.
[no] windows-registry
registry_key {eq | gt | lt
| ge | le | neq}
registry_value
If you set windows as the operating system (using the os-type command), you can
use this command to set a Windows registry value to check on the user’s computer. If
you want to enter multiple registry values, use this command for each of them.
use this command to set a Windows registry value to check on the user’s computer. If
you want to enter multiple registry values, use this command for each of them.
Set whether the value for the registry item in the user’s computer has to be equal to
(eq), greater than (gt), less than (lt), greater than or equal to (ge), less than or
equal to (le), or not equal to (neq) the value specified.
(eq), greater than (gt), less than (lt), greater than or equal to (ge), less than or
equal to (le), or not equal to (neq) the value specified.
The user’s computer must pass all of the set Windows registry value checks to pass
the checking item.
the checking item.
show eps profile
[profile_name]
Displays the settings of all or the specified endpoint security object.
show eps profile profile_name
signature {anti-virus |
personal-firewall}
Displays Anti-Virus or personal firewall signatures that have been added to the
specified endpoint security object.
specified endpoint security object.
show eps signature {anti-virus
| personal-firewall | status}
Displays all the anti-virus software packages, personal firewall software packages or
EPS signature information respectively.
EPS signature information respectively.
The status command displays the EPS signature version, release date and the total
number of software packages for which the ZyWALL’s endpoint security can check.
number of software packages for which the ZyWALL’s endpoint security can check.
show eps warning-message
{windows-auto-update |
windows-security-patch | anti-
virus | personal-firewall |
windows-registry | process |
file-path}
Shows the warning messages displayed when a network client’s computer fails an
EPS check.
EPS check.
Table 161
Endpoint Security Object Commands
COMMAND
DESCRIPTION