vpn : ssl web host-check-software
 
ssl web host-check-software
Use this command to define security software for selection in the host‑check-policy field of the vpn ssl web portal command.
Syntax
config vpn ssl web host-check-software
edit <software_name>
set guid <guid>
set type {av | fw}}
set version <version_str>
config check-item-list
edit <id_int>
set action {deny | require}
set md5s <md5_str>
set target {file | process | registry}
set type {file | process | registry}
set version <version-str>
end
end
Variable
Description
Default
<software_name>
Enter a name to identify the software. The name does not need to match the actual application name.
 
set guid <guid>
Enter the globally unique identifier (GUID) for the host check application. The GUID is usually in the form xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx, where each x is a hexadecimal digit. Windows uses GUIDs to identify applications in the Windows Registry.
No default.
set type {av | fw}}
Select the software type: antivirus (av) or firewall (fw). If the software does both, create two entries, one where type is av and one where type is fw.
av
set version <version_str>
Enter the software version.
No default.
check-item-list variables
<id_int>
Enter an ID number for this entry.
 
set action {deny | require}
Select one of
require — If the item is found, the client meets the check item condition.
deny — If the item is found, the client is considered to not meet the check item condition. Use this option if it is necessary to prevent use of a particular security product.
require
set md5s <md5_str>
If type is file or process, enter one or more known MD5 signatures for the application executable file.You can use a third-party utility to calculate MD5 signatures or hashes for any file. You can enter multiple signatures to match multiple versions of the application.
 
set target {file | process | registry}
Enter information as follows:
If type is file, enter the full path to the file.
If type is process, enter the application’s executable file name.
If type is registry, enter the registry item.
No default.
set type {file | process | registry}
Select how to check for the application:
file — Look for a file. This could be the application’s executable file or any other file that would confirm the presence of the application. Set target to the full path to the file. Where applicable, you can use environment variables enclosed in percent (%) marks. For example, %ProgramFiles%\Fortinet\FortiClient\FortiClient.exe.
process — Look for the application as a running process. Set target to the application’s executable file name.
registry — Search for a Windows Registry entry. Set target to the registry item, for example HKLM\SOFTWARE\Fortinet\FortiClient\Misc.
file
set version <version-str>
Enter the version of the application.
No default.