05-17-2009 06:11 AM
a have a small question a customer asked me while i was doing a poc, if a user enable the antivirus for the host checker and once he passed the host checker he disabled his AV what will happen then ?
am not sure about this answer does anybody know ?
Solved! Go to Solution.
05-17-2009 08:32 AM
You can configure Host Checker to re-check as needed. This setting is configured on the Host Checker Tab in Endpoint Security. You can also enable "Dynamic Policy Re-evaluation". This will refresh the roles after the Host Checker policy completes. For example, user A fails the HC Policy at logon because there AV is out-of-date. However, they get mapped to a more restrictive role and you permit access. While they're logged in, their AV is updated. Since you have "Perform check every" 10 minutes configured, the HC Policy will run again, and this time the user passes the HC policy. You also have the "Dynamic Policy Re-evaluation" enabled, so the HC Policy role is refreshed and new resources mapped.
Does this help?