SSL VPN : Verifying that SSL VPN users have the most recent AV software before they can log into the SSL VPN
  
Verifying that SSL VPN users have the most recent AV software before they can log into the SSL VPN
Problem
Before a remote SSL VPN user logs into the network, you want to be sure that they have approved antivirus software installed on their computers. Only clients that meet the requirements are permitted to log on.
Solution
Use SSL VPN host checking. When the remote client attempts to log in to the VPN network, the FortiGate unit uses the host check information to verify that the approved antivirus software is installed on the client computer.
1 Go to VPN > SSL > Portal, Edit a portal and select Settings.
2 Select Security Control and select the following:
 
Host Check
Custom
Policy
Select the names of one or more antivirus software packages from the FortiGate AV software database. You can select multiple options.
 
If your company does not require a standard AV software on remote computers, you can set Custom to AV option, in which case, the FortiGate unit will check for any AV software from its SSL VPN antivirus software database.
3 Select OK twice to save the portal configuration changes.
Results
When a remote user connects to the SSL VPN tunnel, the FortiGate unit verifies that the approved antivirus software is installed on the remote user’s device. If it is, the user can log in.
If the approved antivirus software is not installed, the remote user sees the following error message:
From the FortiGate web‑based manager go to Log&Report > Event Log to see the tunnel message in the Action column.
 
Select the log entry to view the detailed information, which indicates the user attempting to connect. The Reason row indicates that the host check failed.
 
 
 
To make sure that SSL logs appear in the event log, go to Log&Report > Log Config > Log Setting. Enable Event Logging and select SSL VPN user authentication event and SSL VPN session event.