Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherICS DISSOLVABLE AGENT FOR SAFEGUARD
21222324252627282930
ICS Dissolvable Agent for SafeGuard Administration Guide
25
Chapter 4: Administering Security Scanner Policies
Conditions—Use the conditions area to indicate the criteria that the end point
computer must meet. For instance, that it must have a certain file running.
Action—Use the action area to indicate what ICS should do when the end point
computer is out of compliance with the rule.
Actions affect the user experience as described in Ta ble 1 .
Table 1 Action behaviors
Remediation — Use the remediation area to specify resources and information
that the end point users need to become compliant with the enforcement rule. For
example, if the rule requires an anti-virus program, you should provide a link to a
location where the end point user can download the application and instructions
on how to install it. Because users might be repeatedly warned, or even denied
access if they do not comply, it is important to make sure you provide sufficient
and clear remediation resources.
In Alcatel-Lucent’s End Point Validation (EPV) feature, a bypass policy is required
to perform remediation. See the section, Creating Global Bypass Policies, in the End
Point Validation chapter of the OmniAccess SafeGuard OS Administration Guide for
further details.
Enforcement Rule Types
Use enforcement rules to control which applications your users must, or must not have
on their computer when they connect to your network. There are the following types of
enforcement rules:
Option Behavior
Restrict Prevents the users from logging on. ICS displays the scan report and
any remediation information you have specified. Users must become
compliant before being allowed to proceed.
Warn Does not prevent users from logging on. ICS displays the scan report
and any remediation information you have specified. Users may
proceed without becoming compliant. Users are asked to become
compliant every time they are scanned by ICS.
Observe Does not prevent users from logging on. ICS records the violation in the
log. This option does not display the scan report to end users but is
useful for gathering information about potential issues with your
network before you restrict end point connections.
Allow ICS does not check for spyware you have set to ‘allow’. This action is
only available for Anti-spyware scan rules.