Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

Verifying remote user OS and software

To verify that remote users are using up-to-date devices to connect to your network, you can configure a host check for Windows operating systems and software.

Only FortiOS 6.0 supports OS host checking for both Mac OS and Windows.

You can configure an OS host check for specific OS versions, including the following options: allow the device to connect, block the device, or check that the OS is up-to-date. The default action for all OS versions is allow.

The software host can verify whether the device has AntiVirus software recognized by Windows Security Center, firewall software recognized by Windows Security Center, both, or a custom setting.

Configure both checks using the CLI:

config vpn ssl web portal

edit full-access

set os-check enable

config os-check-list {windows-7 | windows-8 | windows-8.1 | windows-10 | windows-2000 | windows-vista | windows-xp}

set action {deny | allow | check-up-to-date}

end

set host-check {none | av | fw | av-fw | custom}

end

Verifying remote user OS and software

To verify that remote users are using up-to-date devices to connect to your network, you can configure a host check for Windows operating systems and software.

Only FortiOS 6.0 supports OS host checking for both Mac OS and Windows.

You can configure an OS host check for specific OS versions, including the following options: allow the device to connect, block the device, or check that the OS is up-to-date. The default action for all OS versions is allow.

The software host can verify whether the device has AntiVirus software recognized by Windows Security Center, firewall software recognized by Windows Security Center, both, or a custom setting.

Configure both checks using the CLI:

config vpn ssl web portal

edit full-access

set os-check enable

config os-check-list {windows-7 | windows-8 | windows-8.1 | windows-10 | windows-2000 | windows-vista | windows-xp}

set action {deny | allow | check-up-to-date}

end

set host-check {none | av | fw | av-fw | custom}

end