Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
pfilipe
Contributor
Jump to solution

Firewall with SCV WindowsSecurityMonitor

Hello Everyone,

 

So i Need a litle help, i am setting up a SCV for Endpoint when they connect to VPN.

One of the things i need is for the SCV check for WindowsSecurityMonitor : VirusProtection, WindowsUpgrade, SpywareProtection and NetworkFirewall.

 

The things is when i connect with the Firewall disabled it continues to say that i am compliant with the Site. On the other end VirusProtection Works Fine.

 

This is the Configuration i am using.

: (WindowsSecurityMonitor
:type (plugin)
:parameters (
:VirusProtectionRequired (true)
:VirusProtectionRequiredMismatchMessage ("Please verify that your virus protection is up to date and virus scanning is on.")
:VirusProtectionInstalledPrograms ("any")
:VirusProtectionInstalledProgramsMismatchMessage ("There is no anti-virus program installed on the machine.")
:WindowsUpdateRequired (true)
:WindowsUpdateRequiredMismatchMessage ("Please make sure that windows automatic updates is turned on")
:SpywareProtectionRequired (true)
:SpywareProtectionRequiredMismatchMessage ("Please verify that your spyware protection is turned on.")
:SpywareProtectionInstalledPrograms ("any")
:SpywareProtectionInstalledProgramsMismatchMessage ("There is no anti-spyware program installed on the machine.")
:NetworkFirewallRequired (true)
:NetworkFirewallRequiredMismatchMessage ("Please verify the your network firewall is turned on.")
:NetworkFirewallInstalledPrograms ("any")
:NetworkFirewallInstalledProgramsMismatchMessage ("There is no network firewall program installed on the machine.").

 

Captura de ecrã 2021-10-20 122838.png

Sem Título.png

Does anyone have any clue why this is happening? Is there any proccess i should monitor?

 

Best Regards,

Pedro Filipe

 

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin

I believe you need to install Remote Access VPN client and not Endpoint Client. Look into sk175451 under "StandAlone Clients"

View solution in original post

7 Replies
_Val_
Admin
Admin

Make sure you do not use endpoint policy and FW blade on the Endpoint client itself. 

0 Kudos
pfilipe
Contributor

Hello @_Val_ ,

 

Yes i have the FW blade on the Enpoint enable on the client. Once i turn i disable it i get the error for the Windows Firewall.

Is there anyway i have the FW Blade enabled but still checks for the windows Firewall?

 

Thanks

0 Kudos
_Val_
Admin
Admin

I do not think so. Once Endpoint client has a policy, it counts for a FW. Also, having two separate FWs on a client is not a good idea.

0 Kudos
pfilipe
Contributor

And how can i disable completely the FW Blade, since i only find a way that the users disable it. I would like to disable it globally and not giving the chance do enable/disable.

 

Thanks

0 Kudos
_Val_
Admin
Admin

I believe you need to install Remote Access VPN client and not Endpoint Client. Look into sk175451 under "StandAlone Clients"

pfilipe
Contributor

Yeah thats it, you need as well to make true the SCVGlobalParams ( :skip_firewall_enforcement_check (true))

Thank you!

 

If anyone needs the SCV i will leave it here.

0 Kudos
GerberthM
Explorer

Hi pfilipe, this local.scv it works for all antivirus application (trend micro, mcafee, windows defender, etc)?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events