Advanced Endpoint Analysis Scans

January 29, 2019

| Contributed by:

Advanced End-point Analysis (EPA) is used for scanning user devices for endpoint security requirement configured on a NetScaler Gateway appliance. If a user device tries to access the NetScaler Gateway appliance, the device is scanned for security information, such as operating system, antivirus, web browser versions and so forth before an administrator can grant access to the NetScaler Gateway appliance.

The Advanced EPA scan is a policy-based scan that you can configure on a NetScaler Gateway appliance for pre-authentication and post-authentication sessions. The policy performs a registry check on a user device and based on evaluation, the policy allows or denies access to the NetScaler network.

You can perform two types of EPA scan, OPSWAT scan and System scan. The following section explain the scan types and its details.

OPSWAT scan. The scan mechanism provides security at different levels such as:

Product specific scan
Vendor specific scan
Generic scan

Product specific scan: You can configure scan criteria for a particular product (e.g. Avast! Free Antivirus) offered by a particular vendor (e.g. AVAST Software a.s.) for a category (e.g. Antivirus). The access is granted only to the computers fulfilling the specified criteria.**

Vendor specific scan: You can configure scan criteria for a particular vendor (e.g. AVAST Software a.s.) of a category (eg. Antivirus). The configured scan checks for the specified criteria across all the products offered by the vendor. The access is granted only to the computers fulfilling the specified criteria.

Generic scan: You can configure scan criteria for a particular category (eg. Antivirus). The configured scan checks for the specified criteria across all the vendors and the products offered by the vendors. The access is granted only to the computers fulfilling the specified criteria.

System Scan. The System scan provides security for system level attributes such as MAC address. You can configure scan criteria for a system attribute (e.g. MAC Address). The access is granted only to the computers fulfilling the specified criteria.

The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. Citrix has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Citrix product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Citrix, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Citrix will not be held responsible for any damage or issues that may arise from using machine-translated content.

Support: https://www.citrix.com/support

Feedback and forums: https://discussions.citrix.com

Version

Advanced Endpoint Analysis Scans

Advanced Endpoint Analysis Scans

Advanced Endpoint Analysis Scans

In this article