Extentrix EPA Scans Enterprise Edition

	Quick Links		\| Contact Us	\| Extentrix.com Home

Extentrix Endpoint Analysis Scan

Extentrix EPA Scans
Enterprise Edition

Extentrix EPA Scans
Advanced Edition

Supported AVs , FWs &
ASs

Download Trial

Support

How To Buy

Related Products
	Extentrix Tutis

Next Step
	Request More Information
	Tell a Colleague

Extentrix EPA Scans Enterprise Edition

The Extentrix EPA Scans Enterprise Edition for Citrix Access Gateway (CAG) Enterprise provides an administrator with the means to ensure that client endpoints connecting to a network are doing so in a safe and secure manner. When the client attempts to connect it is scanned based on rules created by the administrator that are designed to enforce security requirements. Each rule is made up of one or more scans.

The product comes with an easy to use MMC-based management console that enables you to create scans and rules and

upload them directly from the same console to your CAG appliance. It not only allows you to create Extentrix scans but also native Citrix scans as well. This console also allows you to upload the client engine dll to applicable appliances.

The client component contains a powerful engine that provides numerous scans to verify that the endpoint client meets organizational security policies before allowing access.

The client engine can:

Scan for the presence of more than 485 Anti-Virus, Firewall and Anti-Spyware
Execute 10 scans that check for the existence of an SSL certificate, MAC address, type of connection, type of console and much more
Unique Windows Security Center (WSC) Scan that complements existing anti-virus, anti-spyware and personal firewall scans and ensures that an endpoint device is protected even if the scans are not directly supported by Extentrix
Domain SID scan verifies that a user is a member of a domain using the domain SID

The engine has been verified with PCs running operating systems that are currently supported by Microsoft including XP, Vista 32 and 64 bit as well as Windows® 7 32 and 64 bit.

Some Security Scan examples include:

1.	CLIENT CERTIFICATE SCAN
	The Client Certificate Scan enables an administrator to scan an endpoint device to ensure that a specific certificate (or set of certificates) has been installed to the device prior to allowing access, thus ensuring that the device is connecting in a secure manner.
2.	CLIENT REGISTRATION SCAN
	This scan is used to grant access providing the user agrees to a nondisclosure agreement. Access to the corporate resources can be allowed for a certain number of days. This period of time can be renewed as the administrator determines. For example, the administrator may allow a user to UAT test an application for 5 days, after which access will be denied.
3.	PROMPT USER SCAN
	Scan empowers administrators with the ability to ask the user question and dependent upon the response access is allowed to the corporate resource. The administrator can determine the type of dialog/question: Yes/No or Ok/Cancel.
4.	COMPUTER MAP CHECK SCAN
	Scans the endpoint device, gets its name, and maps the computer name to one of the allowed groups –if any – where as the scan output reflects the mapping result. If the result shows that the computer map belongs to the group specified by the IT administrator, the user will be granted access to the corporate resource. Otherwise, access will be denied. This type of scan will protect critical data and resources on corporate servers from misuse by undesired users.
5.	CONNECTION TYPE SCAN
	Determines the connection type and speed of the endpoint device. Based on this information the administrator will determine the appropriate action to take. For example, and due to security reasons, the administrator may be required to grant clients who are connecting to the corporate resource using a wireless connection a restricted level of access.
6.	SUBNET DETECTION SCAN
	Based on subnet information, the administrator can determine if the client is connected to the corporate network or to a remote network, allowing the ability to grant or deny the access to the corporate resource. The administrators may want to make sure that the client accessing the system resources is using his/her own machine at work. Using this scan, the administrator can identify the IP address and the subnet masks of the machine.
7.	MAC ADDRESS SCAN
	Detects the media access control (MAC) address for each network interface card (NIC) or network adapter on the client device and compares the address against a data set containing the list of valid MAC addresses. This scan requires a data set listing valid MAC addresses.
8.	CONSOLE DETECTION SCAN
	Extentrix Console Detection Scan determines if the user is connecting remotely to the Endpoint Device. The Scan can indicate if the user is using the actual physical Endpoint PC or is using it by well known remote control software (RDP, ICA, and RealVNC).
9.	SCREEN SAVER SCAN
	IT administrators may require that the clients accessing their resources have screen savers configured on their machines for security purposes. This scan allows the administrator to scan the endpoint device and check for the presence of the Screen Saver and whether it is password protected or not.
10.	WORKING HOURS SCAN
	The Scan gives an administrator the ability to allow users access to company resources at predefined Working Hours, so Administrator can predefine working hour (12:15 – 23:55), if a user connects to the corporate resource during this time then the access will be accepted, but if he/she tries to connect in any invalid time, a warning message appears and access will be denied.
11.	SMART DETECTORS SCAN
	Check the client machine for more than 320 of most used antivirus, Firewall and Anti-spyware if they are installed, up to date and running. To see the list of supported antivirus, antispyware and firewall, please Click Here.