Checking the policy serial number on a client
| Article:HOWTO55604 | | | Created: 2011-06-29 | | | Updated: 2011-11-17 | | | Article URL http://www.symantec.com/docs/HOWTO55604 |
The Symantec Endpoint Protection Manager updates a client's policy serial number every time that the client's security policy changes. When a client connects to the Symantec Endpoint Protection Manager, it receives the latest security policies and the latest policy serial number.
The default value for this setting is not enabled.
The following guidelines apply:
If the Check the Policy Serial Number on Client before allowing Client into network option is checked, a client must have the latest security policy before it can connect to the network through the Gateway Enforcer appliance. If the client does not have the latest security policy, the client is notified to download the latest policy. The Gateway Enforcer appliance then forwards its Gateway request to receive a quarantine network configuration.
If the Check the Policy Serial Number on Client before allowing Client into network option is not checked and the Host Integrity check is successful, a client can connect to the network. The client can connect through the Gateway Enforcer appliance even if its security policy is not up-to-date.
See About authentication settings on a Gateway appliance.
To have the Gateway Enforcer appliance check the policy serial number on a client
In the Symantec Endpoint Protection Manager Console, click Admin.
Select and expand the group of Gateway Enforcer appliances.
The Enforcer group must include the Gateway Enforcer appliance that checks the Policy Serial Number on a client.
In the Settings dialog box, on the Authentication tab, check Check the Policy Serial Number on the Client before allowing a Client into the network.
|
|
Legacy ID
v12330051_v60734173
Article URL http://www.symantec.com/docs/HOWTO55604
Terms of use for this information are found in Legal Notices
Thank you.