ZyXEL Communications 3.1 ユーザーズマニュアル
Chapter 35 Endpoint Security
ZyWALL (ZLD) CLI Reference Guide
270
Requirements
User computers must have Sun’s Java (Java Runtime Environment or ‘JRE’) installed and enabled
with a minimum version of 1.4.
with a minimum version of 1.4.
35.1.1 Endpoint Security Commands Summary
The following table describes the values required for many endpoint security object commands.
Other values are discussed with the corresponding commands.
Other values are discussed with the corresponding commands.
The following sections list the endpoint security object commands.
35.1.2 Endpoint Security Object Commands
This table lists the commands for creating endpoint security objects. You must use the
configure
terminal
command to enter the configuration mode before you can use these commands.
Table 160
Input Values for Endpoint Security Commands
LABEL
DESCRIPTION
profile_name
The name of the endpoint security object. You may use 1-31 characters (“0-9”, “a-z”, “A-
Z”, “-”, “_” with no spaces allowed).
Z”, “-”, “_” with no spaces allowed).
file_path
This is a file with the full directory path in quotation marks ““. For example, “C:\Program
Files\Internet Explorer\iexplore.exe”.
Files\Internet Explorer\iexplore.exe”.
Table 161
Endpoint Security Object Commands
COMMAND
DESCRIPTION
[no] eps failure-messages
failure_messages
Specify a message to display when a user’s computer fails the endpoint security
check. Use up to 1023 characters (0-9a-zA-Z;/?:@=+$\.-_!*'()%,”). For example,
“Endpoint Security checking failed. Please contact your network administrator for
help.”. The no command removes the setting.
check. Use up to 1023 characters (0-9a-zA-Z;/?:@=+$\.-_!*'()%,”). For example,
“Endpoint Security checking failed. Please contact your network administrator for
help.”. The no command removes the setting.
show eps failure-messages
Displays the message to display when a user’s computer fails the endpoint security
check.
check.
[no] eps profile profile_name
Enters the sub-command mode. The no command removes an endpoint security
object.
object.
[no] {anti-virus |
personal-firewall}
activate
If you set windows as the operating system (using the os-type command), you can
set whether or not the user’s computer is required to have anti-virus or personal
firewall software installed.
set whether or not the user’s computer is required to have anti-virus or personal
firewall software installed.
[no] anti-virus
anti_virus_software_name
detect-auto-protection
{enable | disable |
ignore}
Sets a permitted anti-virus software package. If you want to enter multiple anti-virus
software packages, use this command for each of them. Use the list signature
anti-virus
software packages, use this command for each of them. Use the list signature
anti-virus
command to view the available anti-virus software package options.
detect-auto-protection
: Set this to enable if the specified anti-virus software is
not only detectable for the installation but also detectable for the activation status.
You can check the settings for each anti-virus software by using the show eps
signature anti-virus
You can check the settings for each anti-virus software by using the show eps
signature anti-virus
command.
The user’s computer must have one of the listed anti-virus software packages to pass
this checking item. For some anti-virus software the ZyWALL can also detect whether
or not the anti-virus software is activated; in those cases it must also be activated.
this checking item. For some anti-virus software the ZyWALL can also detect whether
or not the anti-virus software is activated; in those cases it must also be activated.