Hi All,

Not sure if this belonged in VPN discussion / Firewalling etc.. may try re-posting there if I get no bites here.

I've been working on a config to test if users connecting via SSL VPN have AV of some kind installed on their system, and if not to deny connection.

I've gone through everything I could read on DAP and CSD host scanning.. they cover the Advanced Endpoint Assessment extensions of Host Scanning, but they gloss over the basic Endpoint Assessment extension and it's configuration options.

AEA is an additional license, so I want to avoid using that if possible.  It sounded like from their one liner in the documentation that regular old EA could satisfy what I need to put into a DAP (judging if a given piece of AV was present on a connecting endpoint).  If you have experience with basic EA please let me know whether it can satisfy my requirements and ideally point me in the direction of some documentation/configuration examples.

(Also in case it comes up, I don't need to ENFORCE anti-virus, just check it's presence, and my understanding was that the advantages of AEA were it's ability to force av and local firewall policies - which I don't need).

Thanks in advance,

Kindest Regards,

ALAN