![background image](http://html.mh-extra.com/html/zyxel-communications/uag-series/uag-series_reference-manual_944300264.webp)
Chapter 54 Endpoint Security
UAG CLI Reference Guide
264
[no] personal-firewall
personal_firewall_softwar
e_name
detect-auto-
protection {enable |
disable | ignore}
Sets a permitted personal firewall. If you want to enter multiple personal firewalls,
use this command for each of them. Use the
list signature personal-firewall
command to view the available personal firewall software package options.
detect-auto-protection
: Set this to
enable
if the specified firewall software is not
only detectable for the installation but also detectable for the activation status. You
can check the settings for each firewall software by using the
show eps signature
personal-firewall
command.
The user’s computer must have one of the listed personal firewalls to pass this
checking item. For some personal firewalls the UAG can also detect whether or not
the firewall is activated; in those cases it must also be activated.
[no] application
forbidden-process
process_name
If you selected
windows
or
linux
as the operating system (using the
os-type
command), you can use this command to set an application that a user’s computer is
not permitted to have running. If you want to enter multiple applications, use this
command for each of them.
The user’s computer must not have any of the forbidden applications running to pass
this checking item.
Include the filename extension for Linux operating systems.
[no] application trusted-
process
process_name
If you selected
windows
or
linux
as the operating system (using the
os-type
command), you can use this command to set an application that a user’s computer
must be running.
The user’s computer must have all of the trusted applications running to pass this
checking item.
Include the filename extension for Linux operating systems.
[no] description
description
Type a description for this endpoint security object. You can use alphanumeric and
()+/:=?!*#@$_%- characters, and it can be up to 60 characters long.
[no] file-info file-path
file_path
If you selected
windows
or
linux
as the operating system (using the
os-type
command), you can use this command to check details of specific files on the user’s
computer.
The user’s computer must pass one of the file information checks to pass this
checking item.
[no] file-info file-path
file_path
{eq | gt | lt |
ge | le | neq} file-size
<1..1073741824>
Sets whether the size of the file on the user’s computer has to be equal to (
eq
),
greater than (
gt
), less than (
lt
), greater than or equal to (
ge
), less than or equal to
(
le
), or not equal to (
neq
) the size of the file specified.
[no] file-info file-path
file_path
{eq | gt | lt |
ge | le | neq} file-
version
file_version
Sets whether the version of the file on the user’s computer has to be equal to (
eq
),
greater than (
gt
), less than (
lt
), greater than or equal to (
ge
), less than or equal to
(
le
), or not equal to (
neq
) the version of the file specified.
[no] file-info file-path
file_path
{eq | gt | lt |
ge | le | neq} file-size
<1..1073741824> {eq | gt |
lt | ge | le | neq} file-
version
file_version
Sets whether the size and version of the file on the user’s computer has to be equal
to (
eq
), greater than (
gt
), less than (
lt
), greater than or equal to (
ge
), less than or
equal to (
le
), or not equal to (
neq
) the size and version of the file specified.
os-type {windows | linux |
mac-osx | others}
Select the type of operating system the user’s computer must be using. Use the
windows-version
command to configure the checking items according to the set
operating system. If you set this to
mac-osx
, there are no other checking items.
others
allows access for computers not using Windows, Linux, or Mac OSX operating
systems. For example you create Windows, Linux, and Mac OSX endpoint security
objects to apply to your LAN users. An “others” policy allows access for LAN
computers using Solaris, HP, Android, or other operating systems.
Table 168
Endpoint Security Object Commands
COMMAND
DESCRIPTION
Summary of Contents for UAG Series
Page 5: ...Document Conventions UAG CLI Reference Guide 5 Server Firewall Telephone Switch Router ...
Page 22: ...22 PART I Introduction ...
Page 23: ...23 ...
Page 41: ...41 PART II Reference ...
Page 42: ...42 ...