The Endpoint Compliance Checks feature on UAG (Unified Access Gateway) provides an extra layer of security for accessing Horizon desktops in addition to the other user authentication services that are available on UAG.

You can use the Endpoint Compliance Checks feature to ensure compliance to various policies such as an antivirus policy or encryption policy on endpoints. Endpoint compliance is checked when a user attempts to launch a remote desktop or application from the listed entitlements.

Endpoint compliance policy is defined on a service running in cloud or on-premises. In case of OPSWAT, endpoint compliance check is performed by either the OPSWAT MetaAccess persistent agent or the OPSWAT MetaAccess on-demand agent on the Horizon Client. The OPSWAT agents communicate the compliance status to an OPSWAT instance running either in cloud or on-premises.

Endpoint Compliance Checks are advanced settings, which can be configured on the Endpoint Compliance Check Provider Settings page. On this page, you can configure compliance check provider information, compliance check time intervals, status codes, and so on.

The Endpoint Compliance Check Provider Settings page also includes settings that provides the option to configure the Unified Access Gateway for hosting the on-demand agent. This configuration allows Horizon Client to download the on-demand agent from Unified Access Gateway when necessary.