Skip to main content

UAG endpoint detection and access policies

Endpoint detection and access policies are among the most important security features of the Unified Access Gateway (UAG). Naturally, the ability to evaluate the health of endpoint devices and to enforce certain requirements goes a long way towards enhancing overall security profile of any remote access solution and can play an essential role in implementing organization’s security in-depth strategy. UAG endpoint detection and access policies allow for an extremely detailed level of control. The policies can be applied at three different levels:

  • Trunk – policies applied at this level will be enforced before a user logs on, and if the computer does not meet them, the user will not even reach the log-on page.
  • Portal – policies applied at this level may prevent a user from accessing the portal application after the log-on.
  • Application – policies applied at this level may block access to some or all published applications.

When the user tries to access the UAG portal client components are initialized and perform a system scan. Data collected (about 300 parameters) is sent back to the UAG server, which evaluates it against endpoint policies set for the trunk, portal, and applications, to determine the appropriate level of access.
It is important to note that client components are required for the endpoint detection to work. Also, for security purposes the client detection components will not trust just any website that tries to launch them – unless user has selected to trust the site, the components will not run.
Enforcing 'Any Antivirus' and 'Any Personal Firewall' settings:
The following seem to be a popular initial configuration - to create a custom policy that will enforce the requirements for anti-virus and personal firewall software on the endpoint devices and to apply it at the trunk level. So, I will use it as to showcase the creation of a custom policy:
  • Select the trunk you will be applying custom policy to, navigate to “Endpoint  Access Settings” tab, and click on “Edit Endpoint Policies”:

  • Click on “Add Policy”:

  • Create new policy that defines “Any Antivirus” and “Any Personal Firewall” requirements:
 
  • Apply newly created policy instead of “Default Session Access” one to the trunk:
 
  • Make sure to click on “Activate configuration” for changes to take effect: 
 
  • Test new configuration – first, by trying to connect to the trunk from the device running anti-virus and personal firewall software (upon endpoint detection and evaluation you should get a standard log-on screen); then, by turning your personal firewall off and trying again (you should get a message notifying you that your device does not meet security policy requirements).
Labels:

Comments

Post a Comment

Popular posts from this blog

  Copilot Studio: Capabilities, Strategies, Scenarios 💡 Ready to Supercharge Your Team with AI? 🧠 A critical question for every leader: How do you transform the massive potential of AI into a practical, powerful, and cost-effective tool for your entire organization? 🤔 This guide explores various nuances of the AI adoption: 1️⃣ The Innovation Opportunity: The drive to deploy generative AI is reshaping the modern workplace, offering a monumental leap in productivity and creativity. This is the moment to empower your teams. 🚀 2️⃣ The Strategic Blueprint: Unlocking this potential requires a clear strategy. Navigating the licensing models for powerful tools like Microsoft Copilot Studio is the key to maximizing value and avoiding unexpected costs. 🗺 ️▶️ Our new interactive guide makes it simple. We break down the licensing paths, visualize the costs, and provide a clear, actionable roadmap for implementing a winning hybrid AI strategy. See how you can empower everyone, from citizen...
Post a Comment
Read more
  AI Agents as Trusted IoT/Software Defined Devices 🤖 Your Newest Endpoint Isn’t a Laptop; It’s an AI Agent. Are You Ready to Secure It? Dive into the next frontier of cybersecurity. Autonomous AI agents are no longer just code; they are powerful actors in our digital ecosystems. Treating them as simple software leaves a massive security gap. Our latest report introduces a new paradigm: The AI Agent as a Software-Defined Device. Discover the essential framework for securing the agentic future: ➡️ The Agent-as-Device Model: Learn why abstracting agents as software-defined devices, similar to IoT endpoints, is the key to managing their complexity and risk. Secure the “hardware” (host), “software” (agent logic), and “network” (communications). ➡️ A Digital Passport for AI: Move beyond static API keys. Explore how Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) create a cryptographic root of trust, giving every agent a verifiable identity and provable permissions. ➡️...
Post a Comment
Read more
  AI Trends in DevSecOps 🤖 The AI Co-Developer Is Here: Is Your DevSecOps Ready? Dive into the symbiotic evolution of AI and DevSecOps. While AI coding assistants are accelerating development at an incredible pace, they’re also scaling security risks and introducing a new, complex attack surface. Discover the critical shifts redefining secure software development: ➡️ Secure the Foundation First: Learn why 99% of organizations have sensitive data exposed and how to tame the “blast radius” of GenAI tools before deployment by focusing on data security posture. ➡️ The Intelligent IDE: Move beyond just finding flaws. See how AI-generated fixes are revolutionizing secure coding by slashing remediation times and empowering developers to fix vulnerabilities in seconds. ➡️ The War on Noise: Understand how AI is finally solving the false positive problem in CI/CD pipelines, making fully automated security gates an operational reality. ➡️ Think Like the Adversary: Explore the rise of AI Red ...
Post a Comment
Read more