SRA/SMB SSL-VPN: How to apply EPC (End Point Control) restrictions to Users/Groups based on Windows
03/26/2020 9 10249
DESCRIPTION: To allow Portal access to users who have Windows version 8 or higher along with Kaspersky Internet Security 8.0 or higher. Users who don't fulfill those requirements will be denied access to the portal.
Step 1: Go to End Point Control > Device Profiles and then click on "Add Device Profile".
Step 2: Fill in the Name and Description field at your convenience. On the device profile type select "Windows". Step 3: On the Attribute menu type select Windows Version, put as the table says, in mayor: 6 and in minor: 2, those numbers are just a reference for the SRA to understand which Windows version corresponds.
Step 4: Now we add the second attribute, select "Antivirus program" "Kaspersky Labs" "Kaspersky Internet Security 8.0" and in product version >= 8.x.
Step 5: Now that we have our device profile we just need to apply it. If we want to apply it to an entire group we need to go to Users > Local groups, then configure the desired group and in the EPC tab we enable EPC as in the following image (if you want to do it just for one user you need to do the same but only with the user).
Step 6: Now test the configuration. If the user meets the requirements, he will have access to the portal. If he doesn't, he will see the following error message: