Video Screencast Help

SNAC Implementation doubts

Created: 15 May 2012 • Updated: 06 Jun 2012 | 4 comments
Chetan Savade's picture
This issue has been solved. See solution.

Hello Everyone,

Is is possible to block the clients connecting to the network if the client definitions were out of data for 3 days ?

If it's possible I need guidence to implement the same.

Discussion Filed Under:

Comments 4 CommentsJump to latest comment

SMLatCST's picture

Part 1, is in the creation of a HI policy to check for the AV requirement as below:

The second part is the actual control side of things, and is dependant upon the results of Part1.  This control part is where you would typically use self-enforcement to block access to network resources, or use one of the enforcers (DHCP/LAN/Gateway) to control network access.

cemilebaşak's picture


SMLatCST mentioned you must create a HI policy for detect the AV virus definition was older than 3 day.

Then if you use sefl enforcement you must use a quarantine firewall policy to block network access.

If you use lan enforcer or DHCP enforcer

You must define the rule if the host interity failed close port or assing a vlan for Lan enforcer and For DHCP enforcer while HI failed its stay on the qurantine ip range. You can still block with Qurantine firewall policy as well.



Cemile Denerel BAŞAK

Note: Please mark as solution if its help you.

Chetan Savade's picture

Thanks to both of you.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Srikanth_Subra's picture

Iam looking for this requirement only..thanks

Thanks & Regards,


"Defeat the Defeat before the Defeat Defeats you"
(Swami Vivekananda)