Secure Mobile Access 12.4 Administration Guide

Advanced EPC: Using Fallback Detection

Fallback detection uses advanced EPC to detect newer vendor software versions than are recognized by OESIS, which allows zone classification to succeed. Fallback detection supplements your fully trusted profiles with EPC definitions for the versions you want to determine fully (for example, Microsoft Security Essentials version 4.x or higher).Fallback detection, which uses the Windows Security Center (WSC), can be configured for Windows-based Antimalware and Personal Firewall products.

For example, users are put in the Trusted zone when they log in with Kaspersky Antivirus. When they update to a newer version of Kaspersky and log in, the WSC fallback will match for the Trusted Fallback zone, and they will be allowed access.

When Secure Mobile Access supports the new Kaspersky version, you can simply update the policy for the Trusted zone to include the new version. This allows the admin to easily distinguish between devices that match a specific antimalware version and those that do not, but do match the Fallback logic.

To use Fall back Detection, device profiles for the Primary EPC zone must be configured with specific versions of antimalware and firewall products and NOT with the Any product from this vendor option.

To configure Fallback Detection

  1. Create a new device profile for trusted fallbacks with these value:

    1. In the AMC, navigate to User Access > End Point Control.

      The End Point Control page displays.

    2. In the Zones and Profiles section, click Edit next to Profiles.

      The Zones and Profiles page displays.

    3. In the Device Profiles section, click the + (New) icon.

    4. Select Windows from the dropdown list.

    5. Type the Name of the new device profile.

    6. From the Type drop-down menu, select Antimalware program or Personal firewall program.

    7. From the Vendor drop-down menu, select the vendor that provides the product.

    8. From the Product drop-down menu, select Other <vendor> <type> (for example, Other Aliant Firewall).

      Do NOT use the Any product from this vendor checkbox.

    9. Set the Product version to >= x.

    10. If applicable, enable Signatures updated and Realtime protection required.

    11. Click Save.

  2. Create a new Trusted Fallback zone and add the Trusted Fallback profile to this zone.

    Optionally, Trusted and Trusted Fallback profiles can be combined into one zone, depending on your security requirements. However, using a separate Trusted Fallback zone allows you to easily determine when users update software that is not matched by the Trusted zone, so you will know when to add new versions to the Trusted zone.

  3. In your community, add the Trusted Fallback zone to the Realms list directly below the Trusted zone.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.