The Mobile Access Software Blade lets you use the Endpoint Security on Demand feature to create compliance policies and add more security to the network. Mobile devices and computers are scanned one time to make sure that they are compliant before they can connect to the network.
The compliance scanner is installed on mobile devices and computers with ActiveX (for Internet Explorer on Windows) or Java. The scan starts when the Internet browser tries to open the Mobile Access Portal.
The compliance policy is composed of different types of rules. You can configure the security and compliance settings for each rule or use the default settings.
These are the rules for a compliance policy:
By default, Endpoint Security on Demand only allows endpoint computers that are compliant with the compliance policy log in to the Mobile Access portal.
To create a compliance policy:
The Policies window opens.
The Policies > New Policy window opens.
The Add Enforcement Rules window opens.
You can also create new rules - click New Rule, and configure the rule settings.
The Policies > New Policy window shows the rules for the policy.
When selected, the scan for endpoint computers that are compliant with the Anti-Virus or Anti-Spyware settings is changed. These computers do not scan for spyware when they connect to a Mobile Access Security Gateway.
The Policies window opens.
The Firewall on a Mobile Access Security Gateway only allows access to endpoint computers that are compliant with the compliance policy.
This procedure shows how to configure the Laptop Computer policy for a Security Gateway.
To configure the compliance settings:
The Endpoint Compliance page of the Security Gateway properties window opens.
Secure Workspace is a security solution that allows remote users to connect to enterprise network resources safely and securely. The Secure Workspace virtual workspace provides a secure environment on endpoint computers that is segregated from the "real" workspace. Users can only send data from this secure environment through the Mobile Access portal. Secure Workspace users can only access permitted applications, files, and other resources from the virtual workspace.
Secure Workspace creates an encrypted folder on the computer called My Secured Documents and can be accessed from the virtual desktop. This folder contains temporary user files. When the session terminates, Secure Workspace deletes this folder and all other session data.
For more about configuring Secure Workspace, see the R80.10 Mobile Access Administration Guide.
To enable Secure Workspace on a Mobile Access Security Gateway:
The Check Point Secure Workspace page of the Security Gateway properties window opens.
To learn more about Mobile Access VPN, see the R80.10 Mobile Access Administration Guide.