Barracuda Networks VERSION SP4 User Manual

178 Example Configuration

First start with defining the criteria for

Identity Matching

:

Since the Access Control Service in this sample setup is only reachable using private IP addresses we
can restrict the

Networks

section to the private address ranges.

As a next step define the required health conditions. For the catch-all rule you can define the same
policies you require for known clients, as security policies usually further restrict unknown clients
instead of granting them lower health requirements.

To comply to the above mentioned security requirements set the following parameters:

The value

Required

automatically enables the Barracuda NG Personal Firewall and

the Antivirus Scanner if they are deactivated.

To set the parameter

Last AV Scan Not Older Than

to

Ignore

is due to the reason that performing a regular

full-scan of the client computer takes quite some time. To enforce users to perform a full-scan during
working hours is not always welcome if their computer is slowed down.

The option

Policy Matching

(section Basic Matching) is set to One-of-following. Therefore you don't need to specify

further matching criteria.

List 13–1 Example configuration – Configure a Access Control Service Trustzone – Local Machine: Edit Policy Rule – Parameters

Parameter

Value

NG Personal Firewall On

Required

Antivirus Scanner On

Required

Last AV Scan Not Older Than

Ignore

AV Engine Required

Last-2

AV Pattern Definitions Required

Last-2

AV Engine/Pattern Action

Manual

Allowed Vendors

Trend Micro, Inc

Antispyware

disabled