Differences

This shows you the differences between two versions of the page.

Link to this comparison view

windows_endpoint_security [2012/11/09 22:28]
emessina
windows_endpoint_security [2014/02/28 20:45] (current)
ybarajas [Restricted Applications]
Line 1: Line 1:
 +====== Endpoint Security ======
 +
 +
 +Open Mobile provides a policy and enforcement platform that allows IT managers to assist their users in secure computing practices and cost control. Open Mobile endpoint security is configured in the Open Mobile Portal.
 +
 +
 +Endpoint security and restrictions enables you to set policies for applications to run when connected by Open Mobile. These policies can either require an application to run, or prohibit one from running, when Open Mobile connects to the Internet. For example, you could set a requirement for users to be protected by a specified anti-virus application when connected. Another policy could prevent users from using a specific peer-to-peer file sharing application when Open Mobile is connected.
 +
 +
 +There are two important features of endpoint security:
 +
 +
 +    * **Pre-Connect:**  If the designated application is not running when the user attempts to connect to the Internet, Open Mobile will attempt to launch it, and will not connect to the Internet without the application running.
 +    * **Automatic Teardown:**  An Internet connection may only be maintained if the designated application is running. If the application is stopped for any reason while the user is connected to the Internet, the Internet connection is automatically torn down.
 +You can configure enforcement through a command-line executable if the designated applications are in violation of policy.
 +
 +
 +In addition, you can configure the user notifications that will be displayed if the designated applications are in violation.
 +
 +
 +You can configure two types of application policy:
 +
 +
 +    * //Required//  applications must be running when the user attempts to connect.
 +    * //Restricted//  applications may not be running when the user attempts to connect.
 +You can set the actions taken by Open Mobile when either one of these policies is violated.
 +
 +
 +===== Required Applications =====
 +
 +
 +For Required applications, you can configure:
 +
 +
 +    * A qualified anti-virus, firewall, or other application. A qualified application is one that is listed in the user’s local Windows Security Center (in Windows 7, the Action Center) for anti-virus, firewall, or anti-spyware protection.
 +    * A specific antivirus, firewall, or anti-spyware application certified from the OPSWAT library. (OPSWAT certification is a security software interoperability certification program for a variety of application types.)
 +    * For firewalls, the Windows built-in Firewall.
 +    * A custom security application that you can specify. You can also specify a remediation action for the application to repair the executable if it stops running. The remediation action can be a command or batch file.
 +    * In addition, you can set a security level for each security category to control Open Mobile behavior and connection experience.
 +
 +
 +You can select a security level for anti-virus, firewall, spyware, and other security applications. The table below shows the behavior for each security level if the designated application is not running at the time of the user connection.
 +
 +
 +^Security Level ^If the application is not running at connection time… |
 +|**Off**  |Open Mobile will take no action. |
 +|**1: Prompt to Continue**  |The user will be prompted to continue making a connection. |
 +|**2: Block VPN Connection**  |The VPN connection will be blocked. |
 +|**3: Block Internet and VPN Connections**  |Internet and VPN connections are blocked. |
 +|**4: Block All Connections and Disconnect VPN**  |All connections are blocked. If the application stops running during the connection, any connected VPN is disconnected. |
 +|**5: Block and Disconnect all Connections**  |All connections are blocked. If the application stops running during the connection, the connection is terminated completely. |
 +
 +
 +For example, a policy sets a Security Level 1 for the Windows Firewall. If the user attempts to connect when Windows Firewall is disabled, Open Mobile will prompt the user before attempting to connect.
 +
 +
 +Another policy sets a Security Level 4 for an anti-virus application listed in the user’s Windows Security Center. If the anti-virus is not running at connection time, the connection is blocked. In addition, if the user later disables the anti-virus application during the connection, Open Mobile will immediately disconnect any VPN connection. Further, it will block the reconnection until the anti-virus application is re-started.
 +
 +
 +===== Restricted Applications =====
 +
 +
 +You can designate any application as Restricted. Restricted applications may not be running when the user attempts to connect, or Open Mobile will take the action you specify depending on the restriction level.
 +
 +
 +^Restriction  Level ^If the application is running at connection time… |
 +|**Prompt to Continue**  |Open Mobile will prompt the user with the specified message. |
 +|**Terminate Application**  |The application process will be ended. |
 +
 +
 +Go to: **[[:windows_help|Open Mobile for Windows Help]]** 
 +
 +
 +{{tag>endpoint_security windows}}
 +
 +
 +
 +
 +
 +\\
  
 

©2015 iPass Inc. All rights reserved. Terms of Use