EPA 15.0

Extentrix EPA Scans 15.0

Extentrix EPA Scans 15.0 is actually four solutions in one as we recently combined our Essentials, Smart Detectors, Safety Scan and Client Verification packages to create the most advanced and highly supported solution available for ensuring the security and integrity of computing devices and virtual appliances connecting to Citrix environments via Citrix NetScaler MPX, SDX and VPX series.


New features in Extentrix EPA Scans 15.0:

  • Added support for an additional 122 anti-virus, anti-spyware, anti-phishing and firewall found in version 14.3, expanding the number of supported security products to more than 2540 .

  • Verified compatibility with PCs and virtual appliances utilizing operating systems that are currently supported by Microsoft including XP 32 and 64 bit, Vista 32 and 64 bit as well as Windows® 7 32 and 64 bit as well as Windows 8 32 and 64 bit

Main features in Extentrix EPA Scans 15.0:

  • Enhancements to the Extentrix Management Console that ease the creation of customized scans and policy rules including the ability to create scans to be utilized natively by Citrix Access Gateway.

  • Straightforward integration with server farms via the ability to upload scans to all hosts as opposed to individual hosts .

  • Simplified License Management .

  • New scan types including a User Option Scan that enables the administrator to design scans by choosing products and vendors from a list .

Extentrix EPA Scans Enterprise Edition

The Extentrix EPA Scans Enterprise Edition for Citrix NetScaler MPX, SDX and VPX series provides an administrator with the means to ensure that client endpoints connecting to a  network are doing so in a safe and secure manner. When the client attempts to connect it is scanned based on rules created by the administrator that are designed to enforce security requirements. Each rule is made up of one or more scans.

The product comes with an easy to use MMC-based management console that enables you to create scans and rules and upload them directly from the same console to your NetScaler appliance. It is not only allows you to create Extentrix scans but also native Citrix scans as well. This console also allows you to upload the client engine dll to applicable appliances.

The client component contains a powerful engine that provides numerous scans to verify that the endpoint client meets organizational security policies before allowing access.

The client engine can:

  • Scan for the presence of more than 2540 Anti-Virus,
      Firewall,  Anti-Spyware and Anti-Phishing.

  • Execute 13 scans that check for the existence of an SSL certificate, MAC address, type of
     connection, type of  console and much more.

  • Unique Windows Security Center (WSC) Scan that complements existing anti-virus, anti-spyware,
      and personal  anti-phishing and firewall scans and ensures that an endpoint device is protected
      even if the scans are not directly supported by Extentrix, Our Scans support all Windows platforms.

  • Domain SID scan verifies that a user is a member of a domain using the domain SID.

The engine has been verified with PCs running operating systems that are currently supported by Microsoft including XP 32 and 64 bit, Vista 32 and 64 bit as well as Windows® 7 32 and 64 bit.

Some Security Scan examples include:

  The Client Certificate Scan enables an administrator to scan an endpoint device to ensure that a specific certificate (or set of certificates) has been installed to the device prior to allowing access, thus ensuring that the device is connecting in a secure manner.
  This scan is used to grant access providing the user agrees to a nondisclosure agreement. Access to the corporate resources can be allowed for a certain number of days. This period of time can be renewed as the administrator determines. For example, the administrator may allow a user to UAT test an application for 5 days, after which access will be denied.
  Scan empowers administrators with the ability to ask the user question and dependent upon the response access is allowed to the corporate resource. The administrator can determine the type of dialog/question: Yes/No or Ok/Cancel.
  Scans the endpoint device, gets its name, and maps the computer name to one of the allowed groups –if any – where as the scan output reflects the mapping result. If the result shows that the computer map belongs to the group specified by the IT administrator, the user will be granted access to the corporate resource. Otherwise, access will be denied. This type of scan will protect critical data and resources on corporate servers from misuse by undesired users.
  Determines the connection type and speed of the endpoint device. Based on this information the administrator will determine the appropriate action to take. For example, and due to security reasons, the administrator may be required to grant clients who are connecting to the corporate resource using a wireless connection a restricted level of access.
  Based on subnet information, the administrator can determine if the client is connected to the corporate network or to a remote network, allowing the ability to grant or deny the access to the corporate resource. The administrators may want to make sure that the client accessing the system resources is using his/her own machine at work. Using this scan, the administrator can identify the IP address and the subnet masks of the machine.
  Detects the media access control (MAC) address for each network interface card (NIC) or network adapter on the client device and compares the address against a data set containing the list of valid MAC addresses. This scan requires a data set listing valid MAC addresses.
  Extentrix Console Detection Scan determines if the user is connecting remotely to the Endpoint Device. The Scan can indicate if the user is using the actual physical Endpoint PC or is using it by well known remote control software (RDP, ICA, and RealVNC).
  IT administrators may require that the clients accessing their resources have screen savers configured on their machines for security purposes. This scan allows the administrator to scan the endpoint device and check for the presence of the Screen Saver and whether it is password protected or not.
  The Scan gives an administrator the ability to allow users access to company resources at predefined Working Hours, so Administrator can predefine working hour (12:15 – 23:55), if a user connects to the corporate resource during this time then the access will be accepted, but if he/she tries to connect in any invalid time, a warning message appears and access will be denied.

Check the client machine for more than 2540 of most used antivirus, Firewall, Anti-spyware and Anti-phishing if they are installed, up to date and running.

To see the list of  supported antivirus, antispyware, firewall and Anti-phishing, please Click Here.

12. Domain SID scan

Domain SID scan verifies that a user is a member of a domain using the domain SID.

13. GEO-IP Scan

The Geo-IP Scan determines the location of the end user. The scan can use Country code, Region, Town / City, Postal Code and ISP as criteria for search results. We have two scans for you to provide more options and control over who can accesses your servers.


Click here to register for our FREE webinar about "Optimizing Endpoint Security for Citrix Environments"


© 2012 Extentrix Systems