Product Documentation

Configuring Advanced Endpoint Analysis Scans

Jun 17, 2014

You can define and apply Advanced Endpoint Analysis scans as part of user pre-authentication checks and as an active monitor during user sessions with session policies. To configure a preauthentication scan, you first configure a profile, and then a policy. In the policy, you specify a profile, which defines the action to take when a logon request matches the policy. You bind the preauthentication policy globally, so that it checks all logon attempts.

To configure a session scan, you configure a policy and bind it globally. Configure a default policy to apply to all sessions. You can also configure one or more specific policies to override the default settings for sessions that match the policy.

Note: Although you can create these policies on the command line interface, the configuration utility simplifies the process and is the recommended method.

For the structure and parameters used in Advanced Endpoint Analysis expressions, see the Advanced Endpoint Analysis Policy Expression Reference.

Attention: The instructions for creating Advanced Endpoint analysis scans are general guidelines. You can have many settings within one policy. Specific instructions for configuring Advanced Endpoint Analysis policies might contain directions for configuring a specific setting. However, that setting can be one of many settings that are contained within an Advanced Endpoint Analysis policy and profile.

To configure a preauthentication profile using Advanced Endpoint Analysis expressions

  1. In the configuration utility, in the navigation pane, expand the NetScaler Gateway node, and then the Policies subnode.
  2. Select Preauthentication.
  3. In the details pane, on the Profiles tab, click Add.
  4. Enter a name for the profile.
  5. Select an action.
  6. Optionally, enter the names of any processes to be stopped or files to be deleted on the client endpoint system.
  7. Click Create.
Your profile is now available for use in a preauthentication policy as a Request Action

To configure a preauthentication policy using Advanced Endpoint Analysis expressions

  1. In the configuration utility, in the navigation pane, expand the NetScaler Gateway node, and then the Policies subnode.
  2. Select Preauthentication.
  3. In the details pane, on the Policies tab, click Add.
  4. Enter a name for the policy.
  5. From the Request Action menu, select the desired profile.
  6. In the Expression pane, select OPSWAT EPA Editor.
  7. In the first pull down menu, select a client operating system.
  8. In the second pull down menu that appears, select a scan type.
  9. In the second pull down menu that appears, select a scan type
  10. When you finish building the policy, click Create.
You must bind your Advanced Endpoint Analysis preauthentication policy to enable it.

To bind a preauthentication policy

  1. In the configuration utility, in the navigation pane, expand the NetScaler Gateway node, and then the Policies subnode.
  2. Select Preauthentication.
  3. In the details pane, on the Policies tab, click Add.
  4. From the Action menu, select Global Bindings.
  5. Click Bind.
  6. In the Policies detail pane that appears, select the check box next to the desired policy.
  7. Click Insert.
  8. The policy is automatically assigned a priority (weight). Click the Priority entry to edit as needed.
  9. Click OK to bind the policy.

To configure an Advanced Endpoint Analysis policy for specific sessions

  1. In the configuration utility, in the navigation pane, expand the NetScaler Gateway node, and then the Policies subnode.
  2. Select Session.
  3. In the details pane, on the Policies tab, click Add.
  4. Enter a name for the policy.
  5. In the Action menu, do one of the following:
    • a. Select an existing action.
    • b. Click the plus icon to display the configuration parameters that can be set by the session policy. Click the Override Global check box to the right of a configuration option to activate it. Select Create.
  6. In the Expression pane, select OPSWAT EPA Editor.
  7. In the first pull down menu, select a client operating system.
  8. In the second pull down menu that appears, select a scan type.
  9. In the second pull down menu that appears, select a scan type
  10. When you finish building the policy, click Create.
You must bind your Advanced Endpoint Analysis session policy to enable it.

To bind a session policy

  1. In the configuration utility, in the navigation pane, expand the NetScaler Gateway node, and then the Policies subnode.
  2. Select Session.
  3. In the details pane, on the Policies tab, click Add.
  4. From the Action menu, select Global Bindings.
  5. Click Bind.
  6. In the Policies detail pane that appears, select the check box next to the desired policy.
  7. Click Insert.
  8. The policy is automatically assigned a priority (weight). Click the Priority entry to edit as needed.
  9. Click OK to bind the policy.