Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Home >   Check Point Forums >   Software Blades and Gateways >   Mobile Access / SSL VPN

Thread: Mobile Access & Endpoint Compliance Rules

Welcome, Guest Help
Login Login
Guest Settings Guest Settings
This question is not answered. Helpful answers available: 2. Correct answers available: 1.


Permlink Replies: 1 - Pages: 1 - Last Post: Jun 30, 2017 11:28 PM by: Dameon Welch-Ab... Threads: [ Previous | Next ]
Jessa Haines

Posts: 1
Registered: 6/28/17
Mobile Access & Endpoint Compliance Rules
Posted: Jun 28, 2017 5:29 PM
 
  Click to reply to this thread Reply

Hi all (first post here)

I am looking for some feedback/advice on a recent change we have implemented on our network.

We have been utilizing a Windows Update rule through Endpoint Compliance on Mobile Access to prohibit any user from connecting if Automatic Windows Updates is not enabled. With a lot of the SMB vulnerabilities being exploited we wanted to include an OR rule that specified two Microsoft KB#'s that would need to be present on the connecting device as well.

We have just added the two June Security/Monthly Rollup KB's to that rule.

I checked with one of my infrastructure colleagues and looked at a recently re-imaged machine that will be getting shipped out to a user. It looks like when the updates run it grabs the most recent roll-ups and applies them along with a number of other KB's.

I am concerned about a few things here. I am not sure how to assess how MS implements these KB's every month in relation to the ones that were previously there. I know they can supersede previously released patches but will those patches stay on the machine and for how long? And when a new machine is imaged - what does it grab for a baseline, how far back does it go?

I realize my questions are MS specific but i am curious if anyone utilizing Mobile Access used Endpoint Compliance for this or a similar reason and has some suggestions on how to go about doing this without having to update the KB's every month and push policy. Thanks in advance.

Dameon Welch-Ab...

Posts: 142
Registered: 4/16/09
Re: Mobile Access & Endpoint Compliance Rules
Posted: Jun 30, 2017 11:28 PM   in response to: Jessa Haines
 
  Click to reply to this thread Reply

My understanding is these patches stay around until a major OS update occurs.
Which means you'd probably need to update these KBs referenced in your policy and push.

I would recommend posting your question here as these forums will not accept posts in a short period of time:
https://community.checkpoint.com/community/infinity-general/remote-access-capsule-cloud

Legend
Expert: 751 + pts
Advanced: 301 - 750 pts
Enthusiast: 101 - 300 pts
Novice: 0 - 100 pts
Check Point
Helpful Answer (5 pts)
Correct Answer (10 pts)