Advanced Access Control 4.2 Scan Package Updates

RoyATokeshi
May 10, 2006 7:38 am

Citrix states in their article: CTX108534

Document ID: CTX108534, Created on: Dec 29, 2005, Updated: Dec 29, 2005

Products: Advanced Access Control 4.2

Summary

This document presents two updated endpoint analysis scan packages for use with the Advanced Access Control component of the Access Gateway. Also included in this document is an updated reference of the properties of all scan packages shipped with Advanced Access Control.

The following updated scan packages are available for download:

* Citrix Scans for Netscape Navigator Version 1.1 (filename CitrixNNVersion.zip)
* Citrix Scans for McAfee VirusScan Version 1.1 (filename CitrixVSPMcAfee.zip)

Requirements

To use these scan packages you must have the Access Gateway with Advanced Access Control 4.2.

Background

Scan packages enable you to create scans for detecting information about a client device. You use scan results in policy filters, allowing you to grant access to resources based on those results. For more information about Endpoint Analysis and scanning client devices for policy enforcement, see CTX106888 – Advanced Access Control Administrator's Guide.

To Update a Scan Package

0. updating a scan package, make sure you uninstall its previous version. If you do not uninstall the previous version, the management console tree displays two scan packages of the same name. To distinguish between two packages of the same name, compare the scan package version number displayed in the details pane of the management console on the right.

Follow these steps to update a scan package:

1. Download the updated scan package and save it in a directory accessible to the server running Advanced Access Control.
2. In the Advanced Access Control management console tree, expand the Endpoint Analysis node and select the scan package you are updating. Scan packages are by default organized under scan groups such as “Browser Scans.” You may need to expand one of these groups to find the scan package you are updating.
3. Click Uninstall scan package from Common Tasks.
4. Select the scan group in which you want to place the updated package and click Import scan package from Common Tasks.
0. you want to locate previous versions of scan packages or revert to an earlier version installed with the product, you can find the scan packages in the following default directory of the Advanced Access Control server:
5. C:\Program Files\Citrix\Acess Gateway\Bin\EPAPackages

List of Installed Scan Packages

0. following scan packages are installed by default and available for use from the management console of Advanced Access Control. Details about these scan packages appear further below in this article.

Scan Packages for Antivirus Programs

Citrix Scans for McAfee VirusScan

Citrix Scans for McAfee VirusScan Enterprise

Citrix Scans for Norton AntiVirus Personal

Citrix Scans for Symantec AntiVirus Enterprise

Citrix Scans for Trend OfficeScan

Scan Packages for Browsers

Citrix Scans for Internet Explorer

Citrix Scans for Internet Explorer Update

Citrix Scans for Mozilla Firefox

Citrix Scans for Netscape Navigator

Scan Packages for Firewall Programs

Citrix Scans for McAfee Desktop Firewall

Citrix Scans for McAfee Personal Firewall Plus

Citrix Scans for Microsoft Windows Firewall

Citrix Scans for Norton Personal Firewall

Citrix Scans for ZoneAlarm

Citrix Scans for ZoneAlarm Pro

Scan Packages for Machine Identification

Citrix Scans for Domain Membership

Citrix Scans for MAC Address

Scan Packages for Operating Systems

Citrix Scans for Microsoft Windows Service Pack

Citrix Scans for Microsoft Windows Update

Scan Package Properties Reference

This section provides reference information for each of the scan packages provided with Advanced Access Control. Reference information is arranged alphabetically by scan package name.

Citrix Scans for Domain Membership

Detects if the client device belongs to the specified domain.

Properties you can specify:

• A client domain name is required. True means the client device must belong to a named domain. False means the client device is not required to belong to a domain.

• Domain name. A valid domain name. Workgroup names are not valid.

Scan outputs produced:

• Domain. The name of the domain that the client belongs to. If a client domain name is not required, the output is “unknown.”

• Verified-Domain. Indicates if the client device belongs to the specified domain.

Citrix Scans for Internet Explorer

Detects if the specified version of the browser software exists on the client device.

Versions you can scan:

• At least up to Internet Explorer Version 6.0 Service Pack 2

Properties you can specify:

• Minimum required version. Use the format N.N.N.N, where N is an integer. However, you can specify a version as simple as N.N or as detailed as N.N.N.N (for example, 6.0.3790.1830).

Scan outputs produced:

• Product Version. The version of the key program executable file. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.

• Verified-Internet-Explorer-Installed. This Boolean output indicates if the minimum or later required version of the application is running on the client device.

• Verified-Internet-Explorer-Connecting. This Boolean output indicates if the minimum or later required version of the application is being used to perform the connection.

Citrix Scans for Internet Explorer Update

Detects if the specified version (including update or hotfix version level) of the browser software exists on the client device.

Versions you can scan:

• At least up to Internet Explorer Version 5.5 Service Pack 2

Properties you can specify:

• Data Set. Provide the name of a data set file containing the specified updates or hotfix version levels required. See the Advanced Access Control help topic “Using Data Sets in Scans” for information about using data sets in scans.

Scan outputs produced:

• Verified-Internet-Explorer-Patch. This Boolean output indicates if the updates specified in the data set are present on the client device.

Citrix Scans for MAC Address

Detects the media access control (MAC) address for each network
interface card (NIC) or network adapter on the client device and compares the address against a data set containing the list of group names mapped to valid MAC addresses.

This scan requires you to create a data set listing group names mapped to valid MAC addresses that you wish to detect. The MAC addresses in the data set should be in the format NN:NN:NN:NN:NN:NN, such as 00:11:11:06:B3:E9. Note that you should use a colon (:) as the separator in this format rather than a hyphen (-). For more information about using data sets, see the Advanced Access Control online help.

Properties you can specify:

• Data set name. Name of a data set file that maps a MAC address to a group name.

o Group name. Name of a group to which the NIC or network adapter must belong.

Scan outputs produced:

• Group name. Returns the group name associated with the MAC address of the client device network interface or adapter.

• Matched-MAC-Address. This Boolean output indicates if the network interface or adapter belongs to the specified group of MAC addresses.

Citrix Scans for McAfee Desktop Firewall

Detects if the specified version of the firewall software exists on the client device.

Versions you can scan:

• At least up to McAfee Desktop Firewall 8.5 Build 260

Properties you can specify:

• Minimum required version number or combined version and build number. To specify the version number, use the format is N.N, where N is an integer. To specify the version and build number, use the format is N.N.NNN, where N is an integer.

Scan outputs produced:

• Version. The version of the key program executable file. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.

• Verified-McAfee-Desktop-Firewall. This Boolean output indicates if the required minimum version of the application is running on the client device.

Citrix Scans for McAfee Personal Firewall Plus

Detects if the specified version of the firewall software exists on the client device.

Versions you can scan:

• At least up to McAfee Personal Firewall Plus 2006 Version 7.1.113

Properties you can specify:

• Minimum required version number. N.N, where N is an integer.

Scan outputs produced:

• Version. The version of the key program executable file. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.

• Verified-McAfee-Personal-Firewall-Plus. This Boolean output indicates if the required minimum version of the application is running on the client device.

Citrix Scans for McAfee VirusScan

Detects if the required version of McAfee VirusScan software (personal edition) is running on the client device.

Versions you can scan:

• At least up to VirusScan 2006 v.10.0.0.21

Properties you specify:

• Minimum required build version. Note that this property is mislabeled and appears incorrectly as “Minimum required engine version.” Use format N.N, where N is an integer. You can find the build version number in the “About” information box for the installed application.

Scan outputs produced:

• Program version. This is the version of the key program executable file. The major and minor version numbers are the same as those displayed in the program user interface. The rest of the version number may be ignored when reported.

• Verified-McAfee-VirusScan. This Boolean output indicates if the required minimum version of the application is running on the client device.

Citrix Scans for McAfee VirusScan Enterprise

Detects if McAfee VirusScan software (Enterprise edition) is running on the client device.

Versions you can scan:

o At least up to VirusScan Enterprise v.4.4.00 Pattern 4641

Properties you can specify:

o Minimum required engine version. Use format N.N or N.N.N For example, 4.4 or 4.4.00. Note that the application UI and registry may display the engine version number in a slightly different format. The scan package compares the value you enter against the value found in the client device registry for the engine version. For example, the engine version 4.4.00 may appear in the registry as 4.4.00 and show up in the application’s end user UI as 4400. You can confirm the format to be used by referencing the registry files for the application. To confirm, check the registry key \\HKLM\Software\Network Associates\TVD\VirusScan Enterprise\Current Version and the value szEngineVer.
o Minimum required pattern file version number. Use format N, where N is an integer.

Scan outputs produced:

o Verified-McAfee-VirusScan-Enterprise. Indicates if this application is running on the client device.
o Engine version. Indicates the On-Access scan engine version running on the client device. If this product is not installed or is not executing, the version defaults to 0.0.0.0.
o Pattern version. Indicates the pattern file version running on the client device. If this product is not installed or is not executing, the version defaults to 0.

Citrix Scans for Microsoft Windows Firewall

Detects if the specified version of the Microsoft Windows Firewall or Internet Connection Firewall (ICF) exists on the client device. The scan can detect the following firewalls on these operating systems:

o Microsoft Windows XP Home and Professional: ICF
o Microsoft Windows XP Home and Professional Service Pack 1: ICF
o Microsoft Windows XP Home and Professional Service Pack 1: Windows Firewall
o Microsoft Windows 2003: ICF

Properties you can specify:

o Windows Firewall without exceptions is required. Select True if you require Windows Firewall to be active without exceptions. Select False if you require ICF to be active on all connections or if you require Windows Firewall to be active (with exceptions). See the Advanced Access Control help topic “Adding Rules to Scans” for an example showing how to add multiple rules with exceptions to a scan.

Scan outputs produced:

o Verified-Windows-Firewall. This Boolean output indicates if the required minimum version of the application is running on the client device.

Citrix Scans for Microsoft Windows Service Pack

Detects if the operating system software on the client device is running at a required minimum service pack level.

Properties you can specify:

o Minimum required service pack. Select a Windows 9x service pack version from the drop-down menu. Select None to detect a base, unpatched operating system version.

Scan outputs produced:

o Service Pack. Returns the service pack version running on the client device.
o Verified-Windows-Service-Pack. This Boolean output indicates if the required minimum service pack level is met.

Citrix Scans for Microsoft Windows Update

Detects the operating system patches installed on the client device.

Note: This scan
package requires you to create a single-column data set listing the patch names you wish to detect. See the Advanced Access Control online help for more information about data sets.

Properties you can specify:

o Data set name. Name of a data set file that contains a single column list of patches or updates appropriate for the detected operating system.

Scan outputs produced:

o Verified-Windows-Update. This Boolean output indicates if the updates specified in the data set file exist on the client device.

Citrix Scans for Mozilla Firefox

Detects if the specified version of the Mozilla Firefox browser exists on the client device. The scan package uses the published Windows registry settings.

Versions you can scan:

o At least up to Firefox Version 1.04

Properties you can specify:

o Minimum required version. Use the format N.N.N.N, where N is an integer. However, you can specify a version as simple as N.N or as detailed as N.N.N.N (for example, 1.0.3.3).

Scan outputs produced:

o Product Version. The version of the key program executable file. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.
o Verified-Mozilla-Firefox-Installed. This Boolean output indicates if the minimum or later required version of the application is running on the client device.
o Verified-Mozilla-Firefox-Connecting. This Boolean output indicates if the minimum or later required version of the application is being used to perform the connection.

Citrix Scans for Netscape Navigator

Detects if the specified version of the Netscape Navigator browser exists on the client device. The scan package uses the published Windows registry settings.

Versions you can scan:

o At least up to Netscape Navigator Version 8.0

Properties you can specify:

o Minimum required version. Use the format N.N.N.N, where N is an integer. However, you can specify a version as simple as N.N or as detailed as N.N.N.N (for example, 8.0.3.3).

Scan outputs produced:

o Product Version. The version of the key program executable file. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.
o Verified-Netscape-Navigator-Installed. This Boolean output indicates if the minimum or later required version of the application is running on the client device.
o Verified-Netscape-Navigator-Connecting. This Boolean output indicates if the minimum or later required version of the application is being used to perform the connection.

Citrix Scans for Norton AntiVirus Personal

Detects if Norton AntiVirus software (personal edition) is running on the client device.

Versions you can scan:

o At least up to Norton AntiVirus 2006 v.12.0 Pattern 20051205.008

Properties you can specify:

o Days between required virus scans. This is the number of days within which a full-system antivirus scan must have run. Zero (0) indicates that any or no scan is acceptable. Use an integer between 0 and 365.
o Minimum required product version. Use the format N.N.N, where N is an integer.
o Minimum required pattern file version number. Use the format YYYYMMDD.NNN, where YYYY is the four-digit year, MM is the two-digit month, DD is the two-digit day, and NNN is a three-digit integer.

Scan outputs produced:

o Verified-Norton-Antivirus. Indicates if this application is running on the client device.
o Product version. Indicates the software version running on the client device. If this product is not installed or is not executing, the version defaults to 0.0.0.0.
o Pattern version. Indicates the pattern file version running on the client device. If this product is not installed or is not executing, the version defaults to 0.0.0.0.

Citrix Scans for Norton Personal Firewall

Detects if the specified version of the Norton Personal Firewall exists on the client device.

Versions you can scan:

o At least up to Norton Personal Firewall 2006 Version 9.0.0.73

Properties you can specify:

o Minimum required version number. Use the format N.N, where N is an integer.

Scan outputs produced:

o Version. The version of the key program executable file. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.
o Verified-Norton-Personal-Firewall. This Boolean output indicates if the required minimum version of the application is running on the client device.

Citrix Scans for Symantec AntiVirus Enterprise

Detects if Symantec AntiVirus Enterprise software is running on the client device.

Versions you can scan:

o At least up to Symantec AntiVirus Enterprise v10.0.0.359

Properties you can specify:

o Minimum required product version. Use the format N.N.N, where N is an integer.
o Minimum required pattern file version number. Use the format YYYYMMDD.NNN, where YYYY is the four-digit year, MM is the two-digit month, DD is the two-digit day, and NNN is a three-digit integer.

Scan outputs produced:

o Verified-Symantec-AV-Enterprise. Indicates if this application is running on the client device.
o Product version. Indicates the software version running on the client device. If this product is not installed or is not executing, the version defaults to 0.0.0.0.
o Pattern version. Indicates the pattern file version running on the client device. If this product is not installed or is not executing, the version defaults to 0.0.0.0.

Citrix Scans for Trend OfficeScan

Detects if Trend OfficeScan antivirus software is running on the client device.

Versions you can scan:

o At least up to Version 5.58 Pattern 979

Properties you can specify:

o Minimum required product version. Use the format N.N, where N is an integer.
o Minimum required pattern file version number. The three-digit short form of the pattern file version running on the client device. Use the format N, where N is an integer. For example, for version 2.763, 763 is the short form you enter.

Scan outputs produced:

o Verified-Trend-OfficeScan. Indicates if this application is running on the client device.
o Product Version. Indicates the software version running on the client device. If this product is not installed or is not executing, the version defaults to 0.0.0.0.
o Pattern Version. Indicates the pattern file version running on the client device. If this product is not installed or is not executing, the version defaults to -1.

Citrix Scans for ZoneAlarm

Detects if the specified version of the free ZoneAlarm firewall exists on the client device.

Versions you can scan:

o At least up to ZoneAlarm 2006 Version 6.1.737

Properties you can specify: />

o Minimum required version number. Use the format N.N, where N is an integer.

Scan outputs produced:

o Version. The version of the key program executable. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.
o Verified-ZoneAlarm. This Boolean output indicates if the required minimum version of the application is running on the client device.

Citrix Scans for ZoneAlarm Pro

Detects if the specified version of the ZoneAlarm Pro firewall exists on the client device.

Versions you can scan:

o At least up to ZoneAlarm 2006 Version 6.1.737

Properties you can specify:

o Minimum required version number. Use the format N.N, where N is an integer.

Scan outputs produced:

o Engine Version. The version of the key program executable. The major and minor version numbers will be the same as those shown in the UI. The rest may be ignored.
o Verified-ZoneAlarm-Pro. This Boolean output indicates if the required minimum version of the application is running on the client device.



Primary links

Custom Search

User login

Who's new

  • japhabept
  • Rullydery
  • eagenorce
  • rittaarier
  • swasseZex

Who's online

There are currently 0 users and 4 guests online.

KrissysCorner.com RuthSwensonLaw.com CreativeLizardProductions.com

DISCLAIMER:

None of this has anything to do with us, someone else is responsible for the entire thing, and we have no idea who or why. We do not know anything about it. It may be alien life forms for all we know: we haven't a clue. You cannot blame us for anything that may result from your visit. That was entirely your own personal choice, made by you of your own volition, and without our knowledge. We do not, after all, have any control over you and cannot by any stretch of the imagination be expected to accept or acknowledge, be it legally or morally, any accountability for decisions made by you on an independent basis, utilizing your own free will, and without our intervention. We are therefore in no way, shape, or form answerable to anyone for any consequences arising from the aforementioned or indeed any other actions, similar or otherwise, because it was not us that did, or did not do anything. It is not even remotely our fault, and we are in no way prepared or willing to accept any liability, not even slightly, ever. We are, in fact completely and utterly blameless, in that it is definitely not our concern, and no blame can possibly be laid at our doorstep, even if we had one, the possession of which we hereby reserve as being entirely our own free choice. The onus is not on us at all, and furthermore, never has been. The entire matter is wholly beyond our control, and completely out of our hands, each of which are washed scrupulously clean of the whole business. We are not accountable for anything at all, and we hereby categorically deny all responsibility for all that has ever, or will ever happen. Our innocence is therefore wholly beyond doubt and absolutely unimpeachable, and so cannot, under even the remotest or unlikeliest circumstances, be brought into question. By clicking either on a link on this site, clicking on a link that leads to this site, or by arriving at this site by natural or supernatural means, you are in effect accepting responsibility for the fact that it is all entirely your own fault, down to the most miniscule detail, and that you are wholly accountable for whatever outcome may arise as a consequence of the aforementioned action or actions insofar as they were undertaken personally by you on an entirely voluntary basis and without any persuasion, coercion or influence from any party or parties other than yourself. Don't come sniveling to us, we are only figments of your imagination. I also agree that if I am ever with a contributor to this website during mealtimes I agree to pay for any super-sizing of their meal, or at least a nice dessert or one of those foo-foo drinks with an umbrella or a monkey. By admitting to have seen the worthless spineless drivel on this website (also known as content)

I Agree Wholeheartedly and Without Reservation to the above. (Except maybe for that part about the monkey.)

All Your Base Are Belong To Us.

Soylent Green Is People!

Never make a bet with a Sicilian when Death is on the Line!

No. Really, I do agree.