Host Checker

Host checker is a client-side agent that performs endpoint health and security checks for hosts that attempt to connect to a Ivanti Connect Secure device. It supports two types of rules within a policy; predefined and custom. The pre-defined inspection capabilities consist of health and security checks including antivirus versions, antispyware, OS versions, hard disk encryption status and patch checks. The pre-defined rules are provided by OPSWAT and it uses the ESAP plug-in for pre-defined checks.

Custom rules allow admin to define checks to collect system health using Integrity message collector (IMC) and evaluate using Integrity message verifier (IMV) of TNC framework. The custom rules are created by the admin to include inspection checks such as absence or presence of specific file, certificate checks, TCP ports, processes, registry key settings, NetBIOS name, MAC addresses or certificate of the client machine and third-party inspection methods (custom DLLs).

You can invoke Host Checker at the role level, or the realm level to specify access requirements for endpoints attempting to authenticate.

For details about the configuration, refer to Pulse Host Checker Configuration Guide available on the https://www.ivanti.com/support/product-documentation site.