Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 Manual page 260

Configuring Secure Access Devices Guide
242
Configure the configure customized requirements using custom rules using the settings
6.
described in Table 67 on page 242.
Click one:
7.
OK—Saves the changes.
Cancel—Cancels the modifications.
Table 67: Configuring Host Checker Customized Requirements Using
Custom Rules Details
Option Function
Settings tab
Remote IMV—Use this rule type to
IMV Rules configure integrity measurement
software that a client must run to
verify a particular aspect of the
client's integrity, such as the
client's operating system, patch
level, or virus protection.
NHC Rules (Windows only)—Use this rule
type to specify the location of a
custom DLL. Host Checker calls
the DLL to perform customized
client-side checks. If the DLL
returns a success value to Host
Checker, then the Secure Access
device considers the rule met.
Ports Use this rule type to control the
Rules network connections that a client
can generate during a session.
This rule type ensures that certain
ports are open or closed on the
client machine before the user can
access the Secure Access device.
Process Use this rule type to control the
Rules software that a client may run
during a session. This rule type
ensures that certain processes are
running or not running on the
client machine before the user can
access resources protected by the
Secure Access device.
Your Action
1. Enter the rule name.
2. Select the IMV.
3. Click OK .
1. Enter the rule name, vendor name, and the
path to NHC DLL on client machines.
2. Select the Monitor this rule for change in
result check box to continuously monitor
the policy compliance of endpoints.
3. Click .
OK
1. Enter the rule name.
2. Select the Required option to specify that
these ports are open or closed.
3. Enter a comma delimited port list (without
spaces) of ports or port ranges, such as:
1234,11000-11999,1235.
4. Click Ok.
1. Enter the rule name.
2. Select the Required option to specify that
these ports are open or closed.
3. Enter the process name (executable file),
such as: good-app.exe.
4. Enter the MD5 checksums value of each
executable file to which you want the policy
to apply (optional).
5. Select the Monitor this rule for change in
result check box to continuously monitor
the policy compliance of endpoints.
6. Click OK .
Copyright © 2010, Juniper Networks, Inc.