Advanced EPC: Using Fallback Detection
Fallback detection uses advanced EPC to detect newer vendor software versions than are recognized by OESIS,
which allows zone classification to succeed. Fallback detection supplements your fully trusted profiles with EPC
definitions for the versions you want to determine fully (for example, Microsoft Security Essentials version 4.x or
higher).Fallback detection, which uses the Windows Security Center (WSC), can be configured for
Windows-based Antimalware and Personal Firewall products.
For example, users are put in the Trusted zone when they log in with Kaspersky Antivirus. When they update to
a newer version of Kaspersky and log in, the WSC fallback will match for the Trusted Fallback zone, and they will
be allowed access.
When Secure Mobile Access supports the new Kaspersky version, you can simply update the policy for the
Trusted zone to include the new version. This allows the admin to easily distinguish between devices that match
a specific antimalware version and those that do not, but do match the Fallback logic.
To use Fall back Detection, device profiles for the Primary EPC zone must be configured with
specific versions of antimalware and firewall products and NOT with the Any product from this vendor option.
To configure Fallback Detection
Create a new device profile for trusted fallbacks with these value:
In the AMC, navigate to User Access > End Point Control.
The End Point Control page displays.
In the Zones and Profiles section, click Edit next to Profiles.
The Zones and Profiles page displays.
In the Device Profiles section, click the + (New) icon.
Select Windows from the dropdown list.
Type the Name of the new device profile.
From the Type drop-down menu, select Antimalware program or Personal firewall program.
From the Vendor drop-down menu, select the vendor that provides the product.
From the Product drop-down menu, select Other <vendor> <type> (for example, Other Aliant Firewall).
Do NOT use the Any product from this vendor checkbox.
Set the Product version to >= x.
If applicable, enable Signatures updated and Realtime protection required.
Create a new Trusted Fallback zone and add the Trusted Fallback profile to this zone.
Optionally, Trusted and Trusted Fallback profiles can be combined into one zone, depending on your
security requirements. However, using a separate Trusted Fallback zone allows you to easily determine
when users update software that is not matched by the Trusted zone, so you will know when to add new
versions to the Trusted zone.
In your community, add the Trusted Fallback zone to the Realms list directly below the Trusted zone.
Was This Article Helpful?
Help us to improve our support portal