Configuring System Expressions

A system expression specifies the conditions under which the policy is enforced. For example, expressions in a preauthentication policy are enforced while a user is logging on. Expressions in a session policy are evaluated and enforced after the user is authenticated and logged on to NetScaler Gateway.

Expressions on NetScaler Gateway include:

  • General expressions that limit the objects users can use when establishing a connection to NetScaler Gateway. For example, see:
  • Client security expressions that define the software, files, processes, or registry values that must be installed and running on the user device. For example, see:
  • Network-based expressions that restrict access based on network settings. For example, see:

NetScaler Gateway can also be used as a NetScaler appliance. Some expressions on the appliance are more applicable to NetScaler. General and network-based expressions are used commonly with NetScaler and are not generally used with NetScaler Gateway. Client security expressions are used on NetScaler Gateway to determine that the correct items are installed on the user device.

Configuring Client Security Expressions

Expressions are a component of a policy. An expression represents a single condition that is evaluated against a request or a response. You can create a simple expression security string to check for conditions, such as:

  • User device operating system including service packs
  • Antivirus software version and virus definitions
  • Files
  • Processes
  • Registry values
  • User certificates
Configuring System Expressions