EPA scan classification types on Windows client
Important:
Endpoint Analysis is intended to analyze the user device against pre-determined compliance criteria and does not enforce or validate the security of end-user devices. It is recommended to use endpoint security systems to protect devices from local admin attacks.
The following new classification types are added to the EPA scan for missing patches. The EPA scan fails if the client has any of the following missing patches.
- Application
- Connectors
- CriticalUpdates
- DefinitionUpdates
- DeveloperKits
- FeaturePacks
- Guidance
- SecurityUpdates
- ServicePacks
- Tools
- UpdateRollups
- Updates
Note:
Earlier, the EPA scans for missing patches were done on the severity levels; Critical, Important, Moderate, and Low on the Windows client.
Configure the EPA scan classification types by using the GUI
- Navigate to Citrix Gateway > Policies > Preauthentication.
- Create a new preauthentication policy or edit an existing policy.
- Click the OPSWAT EPA Editor link.
- In Expression Editor, select Windows > Windows Update.
- In Shouldn’t have missing patch of following windows update classification type, select the classification type for the missing patches.
- Click OK.
Customers can upgrade to the OPSWAT version 4.3.2744.0s to use these options.
References
- For details about the Windows server update services classification GUIDs, see https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85).
- For the description of the Microsoft software updates terminology, see https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates.