Applies To:

Show Versions Show Versions

Archived Manual Chapter: Configuring Endpoint Checks
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.

In BIG-IP® Secure Access Manager access policies, you use endpoint checks to collect and verify system information. In the visual policy editor, you can use the information collected by endpoint checks in an access policy, to enforce a specific security level before granting access to network resources. You can also use this information to perform remediation and protect your network resources. The Secure Access Manager provides these checks as a set of access policy actions that you can use to construct an access policy to evaluate client systems.
Secure Access Manager collects various types of information about the client system using browser add-ons (ActiveX controls or browser plug-ins). For those clients that do not support browser add-ons or that do not allow browser software installation, endpoint security process inspects HTTP headers to gather the information.
The Secure Access Manager provides checking primarily for Windows-based systems, and some of the checking is not supported on Mac OS X or Linux systems.
Antivirus check
Checks information about installed Windows antivirus software, including vendor, version, state (enabled or disabled), and virus database age. Refer to information and procedures for the antivirus check on page 7-9.
Browser cache cleaner
Loads a browser cache cleaner that removes all session-specific information from the clients browser after logout or session termination. Also allows you to configure session inactivity timeouts, clean up saved form information and passwords, and remove some other information from a Windows system. Refer to Setting up browser cache cleaner.
File check
Checks for the presence or absence of Windows files based on criteria that includes file name, size, and MD5 signature. Refer to Setting up file check.
Firewall check
Checks information about installed Windows firewalls, including vendor, state (enabled or disabled), and version. Refer Setting up firewall check.
Process check
Checks for running Windows processes. Refer to Setting up process check.
Registry check
Checks the Windows registry for keys and values that you specify. Refer to Setting up registry check.
Windows info
Checks the version information for the Windows operating system, such as version and hotfix information from the remote system. Refer to Verifying Windows information.
For Windows clients, the Secure Access Manager downloads and installs browser add-ons to gather information on the client device. To install the controls or plug-ins, the logged-on user must have rights that allow software installation on the client system.
In addition, the clients browser must be configured to allow software installation, otherwise, the client checks might not collect all of the information required, and the access policy can fail.
The administrator can configure an access policy to provide access for non-Windows clients, or clients that do not have the ability to install browser add-ons. To do this, the administrator adds a UI Mode check at the start of the access policy, and then adds the Windows-specific client-side checks only on the Full Browser or Standalone Client access policy branches.
The following actions can be used at the beginning of the access policy, to prevent logon failures for users who cannot use client-side checks.
Client OS
Checks the operating system of the clients computer, so you can create different access policies on separate operating system branches. Refer to Configuring client OS check.
UI mode
Checks whether the client is using the full browser, a standalone client, or another type of system. Refer to Configuring UI mode check.
The client OS check allows you to check the operating system the client is using. The default client OS check includes seven rule branches. Six of these rule branches correspond to the operating systems specified in the name of the rule. If, while running the access policy, Secure Access Manager detects the operating system on the client as one of the specified operating systems, the access policy uses that rule branch. The access policy uses the fallback rule branch when it detects any other operating system. These are the operating system rule branches:
We recommend that you use the client OS check at the beginning of an access policy, so you can build access policies using the separate operating system branches for functionality specific to those operating systems.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Client OS and click Add Item to add the action to the access policy.
The Client OS action popup screen opens.
6.
Click Save to complete the configuration.
7.
To activate the access policy, click the Activate Access Policy link at the top of the visual policy editor screen.
In this example, you add the client OS check to an access policy, and only the Windows Vista and Windows XP branches are assigned webtop endings.
Note: This is not a complete example. For the example to work, you must assign a resource group that contains a network access resource to every branch that has a webtop ending, using the resource assign action. This example is configured starting with an empty access policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Client OS and click Add Item to add the action to the access policy.
The Client OS action popup screen opens.
6.
Click Save.
7.
On the Windows XP and Windows Vista branches following the client OS action, configure webtop endings. Configure logon denied endings for all other branches.
To configure endings, see Configuring access policy endings.

The completed policy appears as in Figure 7.1.
8.
To activate the access policy, click the Activate Access Policy link at the top of the visual policy editor screen.
You can use the UI mode check to determine whether the client is using a full browser, the standalone client, or another client to access the Secure Access Manager. The default UI mode check includes three branches:
A Full Browser branch, which indicates that the user is connecting with a Windows web browser or with the standalone client in web browser mode.
A Standalone Client branch, which indicates that the user is connecting with the standalone client, and not in full browser mode.
A Fallback branch, which indicates that the user is connecting with another method.
We recommend that you use the UI mode check as one of the first checks in your access policy. You can then configure the Full Browser branch with all of the endpoint security checks that you require for your endpoint-security capable clients, while also providing access policy branches for other clients.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select UI Mode and click Add Item to add the action to the access policy.
The UI Mode action popup screen opens.
6.
Click Save to complete the configuration.
7.
To activate the access policy, click the Activate Access Policy link at the top of the visual policy editor screen.
In this example, you add a UI mode check, then add a browser cache cleaner endpoint security check to the Full Browser branch.
Note: This is not a complete example. For the example to work, you must assign a resource group that contains a network access resource to every branch that has a webtop ending, using the resource assign action. This example is configured starting with an empty access policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select UI Mode and click Add Item to add the action to the access policy.
The UI Mode action popup screen opens.
6.
Click Save.
7.
On the Full Browser branch following the UI Mode action, click the plus sign ().
The Add Item popup screen opens.
9.
Select Browser Cache Cleaner and click Add Item.
The browser cache cleaner action popup screen opens.
10.
Click Save.
11.
On the Standalone Client branch following the UI mode action, and the Successful branch following the browser cache cleaner action, configure webtop endings.
12.
Configure logon denied endings for all other branches.
To configure endings, see Configuring access policy endings.
The completed policy appears as in Figure 7.2.
13.
To activate the access policy, click the Activate Access Policy link at the top of the visual policy editor screen.
You use the antivirus check action to check for antivirus software on the client computer. You can configure the Antivirus check action to search for antivirus software from a set of available antivirus vendors, or for specific antivirus applications. In addition, the antivirus check can determine the specific version of the software, the specific virus database version, the age of the virus database, and whether the antivirus software is enabled.
When you configure the antivirus action with multiple antivirus types, the antivirus types work as logical OR operators. If one antivirus you specify matches the software on the client computer, the action passes, regardless of other antivirus conditions that are specified in the action.
Use the antivirus check action to assure that clients who connect to Secure Access resources are using an antivirus solution that you approve, and that is up-to-date.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Antivirus Check and click Add Item to add the action to the access policy.
The Antivirus Check action popup screen opens.
From the Antivirus ID list, select the antivirus vendor. Select Any to allow the access policy to pass with any antivirus.
From the State list, select a state for the antivirus. Select Enabled to specify that the selected antivirus (or any antivirus) is running on the computer. Select Unspecified to verify the presence of the antivirus software, but not the state.
If you require a specific virus software engine version (for example, 5200.2000), in the Version box, type the version number. Note that this check does not allow for later versions, so if you check for a specific version, a later version will fail.
If you require a specific virus database version (for example, 4.931.00), in the Database Version box, type a database version. Note that this check does not allow for later versions, so if you specify a check for a specific version, a later version will fail.
If you require that the virus database not be older than a certain age, in the DB Age Not Older Than (days) box, type the database age in days. Be sure to use settings that are compatible with your software. Some antivirus services provide updates frequently, every few days; some antivirus services update only every week or less.
7.
8.
Click Save to complete the configuration.
In this example, the administrator adds support for three popular corporate antivirus solutions: McAfee, Kaspersky, and Symantec. The administrator specifies that any of these antivirus solutions must be running, with virus databases no older than 7 days, for the client computers to pass the condition successfully. In addition, the administrator specifies that the version of Kaspersky antivirus software be version 7.0.0.120 or later.
Note: This is not a complete example. For the example to work, you must assign a resource group that contains a network access resource to every branch that has a webtop ending, using the resource assign action. This example is configured starting with an empty access policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Antivirus Check and click Add Item to add the action to the access policy.
The Antivirus Check action popup screen opens.
From the Antivirus ID list, select McAfee, Inc.
From the State list, select Enabled.
In the DB Age Not Older Than (days) box, Type 7.
7.
Click Add new entry to add an antivirus entry to the action.
Note that new entries are added above previously configured entries, by default.
From the Antivirus ID list, select Kaspersky Labs.
From the State list, select Enabled.
In the Version box, type 7.0.0.120.
In the DB Age Not Older Than (days) box, type 7.
9.
Click Add new entry to add an antivirus entry to the action.
Note that new entries are added above previously configured entries, by default.
From the Antivirus ID list, select Symantec Corp.
From the State list, select Enabled.
In the DB Age Not Older Than (days) box, Type 7.
11.
Click Save to save the access policy.
Use the browser cache cleaner action to provide a higher level of security to systems that are logged on to your network. The browser cache cleaner agent deletes browser cache and other session-related information, and can be configured to clean various settings from the users system after a session is closed.
In an access policy, the browser cache cleaner action is considered successful when the browser add-on starts successfully on the client computer. A failure indicates that the browser cache cleaner was unable to start.
Note: The browser cache cleaner only cleans cache and related session information from the Internet Explorer browser. Browser cache and session-related items are not removed from Firefox, Safari, or any other browser. However, other items you configure in the action are cleaned on all Windows systems.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Browser Cache Cleaner and click Add Item to add the action to the access policy.
The Browser Cache Cleaner action popup screen opens.
For the option Clean forms and passwords autocomplete data option, select Enabled or Disabled.
Enabled removes autocomplete data from web forms, and deletes saved passwords from the system after the user logs out.
For the option Empty Recycle Bin, select Enabled or Disabled. Enabled ensures that the Recycle Bin is emptied on the system after the user logs out.
For the option Force session termination if the browser or Webtop is closed, select Enabled or Disabled. Enabled forces the session to close when the user closes the web browser or the network access webtop.
For the option Remove dial-up entries used by Network Access client, select Enabled or Disabled. Enabled removes the VPN connection from the users Network Connections Dial-up Networking folder.
In the User inactivity timeout box, type a setting to force the session to close if the user is inactive for the specified number of minutes. A setting of 0 enforces no timeout.
User inactivity is the period of time during which the user has not input any data using the keyboard or mouse on the client system. This is not traffic inactivity over the VPN.
7.
Click Save to complete the configuration.
In this example, the administrator adds a browser cache cleaner that removes stored passwords and autocomplete data, forces the user to log out if the Webtop or browser is closed, and closes any session that is inactive after 25 minutes. All other settings are left disabled.
Note: This is not a complete example. For the example to work, you must assign a resource group that contains a network access resource to every branch that has a webtop ending, using the resource assign action. This example is configured starting with an empty access policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Browser Cache Cleaner and click Add Item to add the action to the access policy.
The Browser Cache Cleaner action popup screen opens.
For the option Clean forms and passwords autocomplete data, select Enabled.
For the option Force session termination if the browser or Webtop is closed, select Enabled.
In the User inactivity timeout box, type 25 to force the session to close after 25 minutes of inactivity.
7.
Click Save to complete the configuration.
You use the file check action to verify the presence of one or more files on a client system. The file check action can verify one or more file properties, including the file name, size, date, version, MD5 checksum, and signer.
If a file with the described properties exists, the action goes to the successful branch. If the file does not exist, or a file exists but one or more properties are not correct, the action goes to the fallback branch.
Note: Do not specify more than 24 files in a file check action. File check actions with more than 24 files specified cause endpoint checks to fail.
Add a file check action to an access policy in a situation where verifying the presence of a certain file can increase confidence in the security of the client system.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select File Check and click Add Item to add the action to the access policy.
The File Check action popup screen opens.
6.
Click Add new entry to add a file entry to the action.
In the FileName box, type the name for the file you want to check.
Note that this is the only setting that is required.
If you want to verify that the MD5 checksum matches, in the MD5 box, type or paste the MD5 checksum.
If you require an exact size for the file, in the Size box, type the size in bytes.
Note that if you type a 0 in this box, no file size check occurs. To check for a 0-byte file, you must instead type the MD5 checksum in the MD5 box. The MD5 checksum for a 0-byte file is always d41d8cd98f00b204e9800998ecf8427e.
If you want to specify the file creation date, in the Date box, type the file creation date. The default date of 1970-01-01 00:00:00 is the same as specifying no date.
You can determine the file creation date by right-clicking the file in Windows, and selecting Properties. The file creation date must be translated to a 24-hour clock, if your system is not on 24-hour time. For example, you would type the file creation date
Wednesday, February 27, 2008, 1:23:37 PM
in this box as 2008-02-27 13:23:37.
In the Version box, type the version of the file, if you want to specify a version, or greater than or less than a version of the file.
From the Version Comparison list, select the version comparison operator. Select = if you want the file to be the exact version you specify, select < if you want the file to be less than the version you specify, and select > if you want the version to be greater than the version you specify.
9.
Click Save to complete the configuration.
In this example, the administrator adds a requirement that a system file, wininet.dll, be present on the client system. The file must be version 6.0.2900.2904, be 658,432 bytes in size, and have an MD5 checksum of 38ab7a56f566d9aaad31812494944824.
Note: This is not a complete example. For the example to work, you must assign a resource group that contains a network access resource to every branch that has a webtop ending, using the resource assign action. This example is configured starting with an empty access policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select File Check and click Add Item to add the action to the access policy.
The File Check action popup screen opens.
6.
Click Add new entry to add a file entry to the action.
In the File Name box, type wininet.dll.
In the MD5 box, type the MD5 checksum 38ab7a56f566d9aaad31812494944824.
Many MD5 checksum utilities include a copy function to simplify this step.
In the Size box, type 658432.
In the Version box, type 6.0.2900.2904.
From the Version Comparison list, select =.
8.
Click Save to complete the configuration.
The firewall check action is used to check for firewall software on the client computer. The action can be configured to check for available firewall, or specific firewall vendors. In addition, the firewall check can determine whether the firewall software is enabled, and verify the version of the software.
When you configure the firewall action with multiple firewall types, the firewall types work as logical OR operators. If one firewall you specify matches the software on the client computer, the action passes, regardless of other firewall conditions that are specified in the action.
Use the firewall check action to check for the existence of files that can ensure that client systems comply with your security policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Firewall Check and click Add Item to add the action to the access policy.
The Firewall Check action popup screen opens.
6.
Click Add new entry to add a firewall entry to the action.
From the Firewall ID list, select a firewall, or select Any to allow the access policy to pass with any supported firewall.
From the State list, select the state to allow for the firewall. Select Enabled to specify that the selected firewall (or any firewall) is running on the computer. Select Unspecified to verify the presence of the firewall software, but not the state.
9.
Click Save to complete the configuration.
In this example, the administrator adds support for two popular firewall solution vendors: Microsofts built-in Windows Firewall, and Zone Labs. The administrator specifies that one of these firewall solutions must be running.
Note: This is not a complete example. For the example to work, you must assign a resource group that contains a network access resource to every branch that has a webtop ending, using the resource assign action. This example is configured starting with an empty access policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Firewall Check and click Add Item to add the action to the access policy.
The Firewall Check action popup screen opens.
6.
Click Add new entry to add a firewall entry to the action.
From the Firewall ID list, select Microsoft Corp. (MSWindowsFW).
From the State list, select Enabled.
8.
Click Add new entry to add a firewall entry to the action.
9.
Configure Zone Labs:
From the Firewall ID list, select Zone Labs LLC.
From the State list, select Enabled.
10.
Click Save to complete the configuration.
In the Boolean expressions you specify, you can use the wildcards * and ?, parentheses ( ) to combine values, and the logical operators AND, OR, and NOT.
Use the process check action to verify that one or more particular processes are running. You can also check that a process is not running, using the NOT operator.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Process Check and click Add Item to add the action to the access policy.
The Process Check action popup screen opens.
6.
In the Expression box, type the expression.
7.
Click Save to complete the configuration.
In this example, you use the process check action to determine the presence of the running processes winlogon.exe and GoogleDesktop.exe. You also determine that no process with gator in the name is running.
Note: This is not a complete example. For the example to work, you must assign a resource group that contains a network access resource to every branch that has a webtop ending, using the resource assign action. This example is configured starting with an empty access policy.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Process Check and click Add Item to add the action to the access policy.
The Process Check action popup screen opens.
6.
In the Expression box, type the process check expression as follows:
7.
Click Save to complete the configuration.
You use the registry check action to verify the existence or absence of certain keys and values in the system registry database. With the registry check action, you use key values or Boolean expressions to evaluate the existence or absence of registry entries.
"key"
Represents a path in the Windows registry.
"value"
Represents the name of the value.
comparison_operator
Represents one of the comparison operators (< <= > >= != =) or ISPR. ISPR is used to verify that a key or value is present.
For equality use =. The operator == is not valid here.
data
Represents the content to compare against.
[ ]
Represents optional values.
Note: Quotation marks (" ") are required around key and value arguments. Quotation marks are used in data if the content contains spaces, commas, slashes, tabs, or other delimiters. If quotation marks exist as part of the registry path or value name, they should be doubled (use two sets of quotation marks). data is treated as a version number if it is entered in the format "d.d[.d][.d]" or "d,d[,d][,d]" (where d is a number), and as a date if it is entered in the format "mm/dd/yyyy".
"HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\XP"
Checks for the presence of the specified path in the registry.
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer.Version">= "6.0.2900.2180"
Checks that the Internet Explorer version is greater than or equal to the value specified.
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InternetExplorer.Version" >= "5.0.2800.0" AND "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
InternetExplorer.Version" <= "6.0.2900.0"
Checks for the presence of Internet Explorer. With this registry check, the Internet Explorer version must be greater than or equal to 5.0.2800.0, and less than or equal to 6.0.2900.0.
Use the registry check action to verify that one or more particular registry checks exist, or do not exist, and to compare values to the values you support.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Registry Check and click Add Item to add the action to the access policy.
The Registry Check action popup screen opens.
6.
In the Expression box, type the registry check expression.
7.
Click Save to complete the configuration.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Registry Check and click Add Item to add the action to the access policy.
The Registry Check action popup screen opens.
6.
In the Expression box, type:
"HKEY_LOCAL_MACHINE\Software\Google\Google Desktop.ResourceDLL"
7.
Click Save to complete the configuration.
You use the Windows info check action to verify the presence of Windows operating system versions, Windows patches, or Windows updates.
Use the Windows info action to determine if the user is using the correct version of Windows, has applied specific patches or updates to Windows, or meets other Windows requirements.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Windows Info and click Add Item to add the action to the access policy.
The Windows Info action popup screen opens.
7.
Click the Add Rule button.
8.
In the Name box, type a name for the rule.
9.
Next to Expression: Empty, click change.
The Add Expression popup screen opens.
10.
Click the Add Expression button.
11.
From the Agent Sel. list, select Windows Info.
12.
From the Condition list, select Windows platform or Windows update.
If you selected Windows platform, from the Windows Platform is list, select the Windows version.
If you selected Windows update, in the Windows patch box, type the update name. The format for this can be a KB patch or a Windows service pack, for example KB869074 or SP2.
13.
Click Save to complete the configuration.
1.
On the Main tab of the navigation pane, expand Access Control, then click Access Profiles.
The Access Profiles screen opens.
2.
In the profile list, find the access policy you want to edit, then click Edit in the Access Policy column.
The visual policy editor opens in a new window or new tab, depending on your browser settings.
5.
Select Windows Info and click Add Item to add the action to the access policy.
The Windows Info action popup screen opens.
7.
Click Add Rule.
8.
Type the name XP SP2 for the rule.
9.
Next to Expression: Empty, click change.
The Expression popup screen opens.
10.
Click the Add Expression button.
The popup screen displays new information.
11.
From the Agent Sel. list, select Windows Info.
12.
From the Condition list, select Windows platform.
13.
From the Windows Platform is list, select Windows XP.
14.
Click the Add Expression button.
15.
To add the next expression, next to AND, click Add Expression.
The popup screen displays new information.
16.
From the Agent Sel. list, select Windows Info.
17.
From the Condition list, select Windows update.
18.
From the Windows Platform is list, select Windows XP.
19.
In the Windows Patch box, type SP2.
20.
Click the Add Expression button.
The Expression popup screen shows the expression configured as in Figure 7.9.
To view the rule you have created, click the Advanced tab. You see the expression
expr { [mcget {session.windows_info_os.last.platform}] == "WinXP" && [mcget {session.windows_info_os.last.updates}] contains "SP2" }
21.
Click Finished.
22.
Click Save to complete the configuration.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)