Juniper Networks Native Host Checker (NHC)
Article: TECH102997 | Created: 2007-01-29 | Updated: 2007-01-30 | Article URL: http://www.symantec.com/docs/TECH102997
What is the NHC deployment option?
Confidence Online can be integrated with Juniper's Native Host Checker (NHC). In this environment, the Web Applications client is deployed to remote computers as an NHC component. Once downloaded and installed, the client, by default, scans the remote computer whenever the user enters the URL to access the Juniper Networks login page. By default, the client deployment is set to continue scanning the remote computer after establishing a connection to the LAN. See Creating a Deployment described later in this section of the document.
This scan type requires Juniper Networks 5.0 (or higher) with an Advanced License. In addition, the IVE Server must be set up with users and configured as described below.
Note: The Juniper Networks NHC integration type does not support Confidence Online compliance checking.
- Remote Computer: The CO client is deployed to remote computers as an NHC component. The CO client must be version 5.0 or higher.
- CO Server: All Confidence Online software components must be installed before configuring the IVE server.
- IVE Server: The IVE server proxies the CO client traffic to the CO Server before the user submits login credentials. The first time the user accesses the login page, the NHC component is downloaded and the user’s system is scanned for malicious processes. Additional scans are performed each time the user logs in.
The user experience includes two scenarios. The first scenario applies to the initial download of the product and scan of the client the first time the user visits the Juniper Networks login page. The second scenario applies to subsequent visits to the Juniper Networks login page.
- User Scenario 1 (download and initial scan)
The download of the product and the first scan occur when the user enters the URL to access the login page of the Juniper Networks Virtual Directory.
If eavesdropping software is detected, the offending application is automatically mitigated according to the policy prescribed (see the Confidence Online Administrator’s Guide). A message informs the user of the detection and redirects the user to a logout page where a link opens a login page that reruns the scan.
Running the second scan confirms that the system is now clean, and the user is directed to the Juniper Networks Virtual Directory to enter login credentials for access to a destination on the LAN.
- User Scenario 2 (subsequent scans)
Subsequent scans occur each time the user enters the URL to access the login page. If the client deployment has been set up to provide session protection, a scan will periodically occur from the time the user’s login credentials are authenticated on the Juniper Networks login page until the user either terminates the session protection using the icon in the system tray or powers down the system.
Responses to detections made on subsequent scans are the same as those described for detections made during the first scan.