Checking the policy serial number on a client
|Article:HOWTO55604|||||Created: 2011-06-29|||||Updated: 2011-11-17|||||Article URL http://www.symantec.com/docs/HOWTO55604|
The Symantec Endpoint Protection Manager updates a client's policy serial number every time that the client's security policy changes. When a client connects to the Symantec Endpoint Protection Manager, it receives the latest security policies and the latest policy serial number.
When a client tries to connect to the network through the Gateway Enforcer appliance:
The following guidelines apply:
If the Check the Policy Serial Number on Client before allowing Client into network option is checked, a client must have the latest security policy before it can connect to the network through the Gateway Enforcer appliance. If the client does not have the latest security policy, the client is notified to download the latest policy. The Gateway Enforcer appliance then forwards its Gateway request to receive a quarantine network configuration.
If the Check the Policy Serial Number on Client before allowing Client into network option is not checked and the Host Integrity check is successful, a client can connect to the network. The client can connect through the Gateway Enforcer appliance even if its security policy is not up-to-date.
To have the Gateway Enforcer appliance check the policy serial number on a client
Article URL http://www.symantec.com/docs/HOWTO55604