Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INFRANET CONTROLLER GUIDE REV 01 Manual page 174

NSM Infranet Controller Configuration Guide
Related
Documentation
156
The Infranet Controller provides several mechanisms that you can use to enable, create,
and configure Host Checker policies:
Predefined rules (check for third party applications)—Host Checker contains a wide
array of predefined rules that check for antivirus software, firewalls, malware, spyware,
and specific operating systems from a wide variety of industry leaders. You can enable
one or more of these rules within a Host Checker client-side policy to ensure that the
integrated third-party applications that you specify are running on your computers in
accordance with your specifications.
Custom rules (check for additional requirements)—In addition to the predefined rules,
you can create custom rules within a Host Checker policy to define requirements that
your computers must meet. Using custom rules, you can:
Configure Host Checker to check for custom third-party DLLs that perform customized
client-side checks.
Verify that certain ports are open or closed on the user's computer.
Confirm that certain processes are or are not running on the user's computer.
Check that certain files are or are not present on the client machine.
Evaluate the age and content of required files through MD5 checksums.
Confirm that registry keys are set on the client machine.
Check the NetBIOS name, MAC addresses, or certificate of the client machine.
Assess the client operating system and application service packs to ensure they are
up to date.
Perform application and version checks to ensure that endpoints are running the
correct software.
Custom integrated applications (implement through server API)—For Windows
clients, you can upload a third-party J.E.D.I. DLL to the Infranet Controller.
Within a single policy, you can create different Host Checker requirements for Windows,
Macintosh, Linux, and Solaris, checking for different files, processes, and products on
each operating system. You can also combine any number of host check types within
a single policy and check for alternative sets of rules.
NOTE: To use Host Checker with Linux or Solaris, you must use the Firefox
browser.
Configuring Advanced Endpoint Defense Policy (NSM Procedure) on page 157
Specifying Customized Requirements Using Custom Rules (NSM Procedure) on page 161
Enabling Customized Server-Side Policies (NSM Procedure) on page 168
Copyright © 2010, Juniper Networks, Inc.