-server set-up"> We installed LANDesk Security Suite 8.6 on one virtual server and on three other servers running Microsoft Corp.s Windows Server 2003. We used one of these servers as a normal DHCP server; one as a LANDesk Security Suite 8.6 posture validation server; one as a remediation server; and, finally, one as a LANDesk DHCP server. Companies can assign several functions to a single server for testing LANDesk prior to widescale deployment, but we found it much easier to allocate functions to separate servers. In our tests, the LANDesk DHCP server acted as the network access control point that brokered device admittance to our protected network. Although it was finicky to set up, the whole thing did eventually work as promised. LANDesk Security Suite 8.6 ably downloaded security content, including patches and vulnerability and spyware definitions, as well as a wide variety of anti-virus and firewall configuration definitions.We configured security policies that specified the required patch level and configuration of anti-virus programs, plus a variety of other factors, including firewall configuration and checks for spyware on end-user systems. The results of the policy check were examined, along with the length of time since the last scan of the end-user device. If the end-user device passed the posture check, then LANDesk ensured that all other authorizations and user authentications were correct and then the end-user device was admitted to our test network. Next Page: Tons of tinkering.
This information comprised the threat definitions, and we were able to create policies that allowed or denied end-user device access to our networks based on these definitions.