EasyManua.ls Logo

SonicWALL SMA - Advanced EPC

SonicWALL SMA
48 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
SonicWallSMAConnectTunnel12.0DeploymentPlanningGuide
PlanningYourVPN
23
AdvancedEPC
AdvancedEPCprovidesanextendedanddetailedlistofpersonalfirewall,antivirus,andspywareprogramsto
checkforonaclient.EPCcanbedoneonWindows,OSX,Linux,AndroidandiOS.
Thereareafewdeviceprofilestohelpyougetstarted:youcanusethemasis
ormodifythemtosuityouraccess
policyandresourcerequirements.Thehomeuserprofiles,forexample,checkforawidevarietyofantivirusand
personalfirewallprograms,whileaseriesofcorporateprofilescheckforprogramsfromparticularvendors.
Ifthepreconfigured deviceprofilesdon’taddressyourspecificsecurityneeds
orcomputingenvironment,you
cancreateadditionalprofilesthattheappliancewillusetodetectthepresenceofspecifiedattributesonusers’
devices.Thetypesofdeviceprofileattributesavailableare:
Antivirussoftware
Antispywaresoftware
Application
Clientcertificate
Directoryname
DeviceID
Filename,size,ortimestamp
Personalfirewallprogram
Windows
domain
Windowsregistryentry
Windowsversion
PuttingItAllTogether:UsingRealmsand
Communities
Realmsarethetoplevelobjectsthattietogetherauthentication,usermanagement,accessagentprovisioning,
andEndPointControlrestrictions.
Arealmreferencesoneauthenticationserverorapairofthem(forchainedauthentication).Authentication
serversmustfirstbedefinedinAMC,andtheyarethenreferencedbyarealmthat
usersloginto.
Afteruserslogintotheappliance,theyareassignedtoacommunitybasedontheidentitysuppliedduring
login.Bydefault,allusersareassignedtoadefaultcommunity,butyoucansortusersintodifferentgroups
basedonindividualidentityorgroupmemberships.Inturn,
thecommunitydefinesa defaultsetofaccess
methodsandthesetofendpointrestrictionsplacedonclientdevices.Thecommunitycanalsodeterminethe
appearanceofWorkPlace:thelayoutandstyleofWorkPlacepagescanbetailoredtoaparticularcommunity.
Authenticatingwithrealmsandcommunitiesshowshowa
realmauthenticatesusers,assignsthemto
communitiestoprovisionaccessagentsand,withEndPointControlenabled,assignscommunitymembersto
differentzonesbasedonthetrustworthinessoftheircomputers.

Table of Contents

Related product manuals