The Endpoint Compliance Checks feature on Unified Access Gateway provides an extra layer of security for accessing Horizon desktops in addition to the other user authentication services that are available on Unified Access Gateway.

You can use the Endpoint Compliance Checks feature to ensure compliance to various policies such as an antivirus policy or encryption policy on endpoints, for example.

Endpoint compliance policy is defined on a service running in cloud or On-Premises.

If Endpoint Compliance Checks is enabled, Unified Access Gateway allows only compliant VDI desktops to be launched and blocks launching of all non-compliant endpoints.

Prerequisites

  1. Sign up for an OPSWAT account and register your applications on the OPSWAT site. See https://go.opswat.com/communityRegistration.
  2. Note down the client key and client secret key. You need the keys to configure OPSWAT in Unified Access Gateway.
  3. Log in to the OPSWAT site and configure the compliance policies for your endpoints. See the relevant OPSWAT documentation.
  4. On the OPSWAT homepage, click Connect Metadefender Endpoint Management and download and install the agent software on the client device.

Procedure

  1. Log in to Admin UI and go to Advance Settings > Endpoint Compliance Check Provider Settings.
  2. Click Add to add the Client Key and Client Secret key details.
    The Endpoint Compliance Check Provider and Hostname fields are already filled. Do not change these values.
  3. From the Admin UI, navigate to Horizon settings, locate Endpoint compliance check provider field, and select OPSWAT from the drop-down menu.
  4. Click Save.
  5. Connect to the remote desktop using the Endpoint compliance check provider client.

Results

The configured Horizon View desktops are listed and when you launch a desktop, the client device is validated for compliance.