Issuing a Remediation Message with Ivanti Connect Secure

If a Host Checker policy finds that an endpoint is not in compliance, Host Checker can display a message through the Ivanti Secure Access Client interface that includes custom instructions and reason strings on how to bring the endpoint into conformance. The user must perform the steps described in the message before the endpoint is allowed to access protected resources.

To enable a remediation message for a Host Checker policy:

1.In the admin console, select Authentication > Endpoint Security > Host Checker.

2.In the Policies section, click New to create a new Host Checker policy.

3.As part of the Host Checker Policy, select Enable Custom Instructions.

When you select this option, a text box appears. Enter the instructions to display to the user on the Host Checker remediation page. You can use the following HTML tags to format text and to add links to resources such as policy servers or web sites: <i>, <b>, <br>, <font>, and <a href>. For example:

You do not have the latest signature files.

<a href=”www.company.com”>Click here to download the latest signature files.</a>

4.Optionally, select Send reason strings. Select this option to display a message to users (called a reason string) that is returned by Host Checker or IMV and that explains why the client does not meet the Host Checker policy requirements. Reason strings describe to users what the IMV is checking on the client. This option applies to predefined rules, to custom rules, and to third-party IMVs that use extensions in the Ivanti TNC SDK.

5.Click Save Changes.

Be sure to include the Host Checker policy in the realm or role you configure for Ivanti Secure Access Client users.