Traveling and security
Because SSL VPN provides a means for “on-the-go” users to dial in to the network while away from the office, you need to ensure that wherever and however they choose to dial in is secure, and not potentially compromising the corporate network.
When setting up the portal, you can include two options to ensure corporate data is safe; a host check for antivirus software, and a cache cleaner.
You can enable a host integrity checker to scan the remote client. The integrity checker probes the remote client computer to verify that it is safe before access is granted. Security attributes recorded on the client computer (for example, in the Windows registry, in specific files, or held in memory due to running processes) are examined and uploaded to the FortiGate unit. For more information, see Basic configuration.
Host Check is applicable for both SSLVPN Web Mode and SSLVPN Tunnel mode.
You can enable a cache cleaner to remove any sensitive data that would otherwise remain on the remote computer after the session ends. For example, all cache entries, browser history, cookies, encrypted information related to user authentication, and any temporary data generated during the session are removed from the remote computer. If the client’s browser cannot install and run the cache cleaner, the user is not allowed to access the SSL-VPN portal. For more information, see Basic configuration.