Filter
Top Products
Chapter 6. Compliance subsystem implementation 171
8. The next policy we configure checks whether the personal firewall is installed
and running. Since we are using the generic posture collectors, this policy
was implemented as two separate policies, one for checking the registry if the
firewall is installed and the second to check the services if it is running.
As an example we have chosen to check for the ZoneLabs firewall, but you
can easily adjust these policies for any other personal firewall.
First, at the collectors view select ZoneAlarm Firewall Installed, right-click,
and click Edit collector parameters from the pop-up menu. You are
presented with parameters for the generic
nac.win.any.regkey.PostureRegKeyV2 collector, as shown in Figure 6-44. This
is one of the most universal collectors, as it allows you to check the existence
and value of any Windows registry key.
Figure 6-44 Parameters for RegKey collector
All the parameters for the nac.win.any.regkey.PostureRegKeyV2 collector are
described in the Table 6-5.
Table 6-5 Parameter information for nac.win.any.regkey.PostureRegKeyV2
Parameter name Parameter type Description
KEY Operational Used to specify the name of the registry key to evaluate.
Exactly one parameter value is required. If no parameter
value is provided, no posture elements will be generated.
If a parameter value is provided it will be used for the
registry key existence check. If more than one parameter
value is provided, only the first parameter value will be
used.