Store and Reuse Host Checker Policy Results

The Host Checker configuration page enables you to store and reuse the host checker evaluation results. The admin can configure the time interval in days for not performing the host check on the endpoint. When the user connects for the first time the Host Checker runs and the results are saved in IPS. However, for the subsequent logins from the same endpoint, the host checking is not performed and the saved host check result is reused till the expiration of the admin defined time interval.

The first connection from the endpoint never reuses the cached results. The subsequent logins from the same endpoint uses the cached host checker results.

This feature saves the Host Check results for clients connecting from Windows and Mac desktop operating systems. This feature helps in providing faster connection or access to the network.

The Host Checker saved/cached results will be cleared in the following scenarios:

  • Change in HC policy configuration such as addition, deletion and modifications
  • Change in Active ESAP version
  • Change in HC configuration such as periodic interval, disabling the caching feature and role configuration under caching feature
  • Server reboot
Limitations
  • Periodic host checking, rule monitoring, and remediation are supported only for the first connection when the results are not cached
  • Change in Compliance status of the device is not detected if cached results are used for the connection

To configure caching on Host Checker:

  1. Select Authentication > Endpoint Security > Host Checker.
  2. Under Options, Store host checking evaluation results enable Store Host Checking evaluation results and enter the number of days for not performing the Host Check. The default number of days for storing HC results is 7 days. The supported range is between 1- 30 days.
  3. The Admin can also choose to cache results based on the roles assigned:
    • Any role is assigned- If you select this option, the HC results are cached irresepective of the role assigned.
    • Any of the selected roles is assigned- If you select this option, the HC results are cached only when the selected role is assigned.

    It is recommended to not enable caching for remediation roles because the subsequent logins will be in the remediation role as cached results are used.

  4. Click Save Changes.