This article describes how to configure the frequency of EPA post authentication scans on NetScaler Gateway.

Background

You can configure NetScaler Gateway to run the post-authentication policy at specified intervals. For example, you can configure a client security policy to check for wireshark.exe process on client machine and you further want it to check for that process on the user device every 1 minute after successfully passing the EPA scan and connecting to VPN. If this process is not running then EPA scan should logout the user from VPN session.

---

Instructions

Important! The frequency check functionality for postauthentication policies work only with the NetScaler Gateway Plug-in. If users log on with Citrix Receiver, the endpoint analysis scan runs at logon only.

Complete the following steps to configure the frequency of EPA post authentication scans on NetScaler Gateway:

Navigate to NetScaler Gateway > Policies > Session > and create a Session Profile.
On Security tab > enable Advanced Settings and configure the client security expression with frequency of 1 minute as shown in the following screen shot:

After Authentication on NetScaler Gateway page, this policy will be evaluated and will allow access, only if wireshark.exe process is running on client machine.

After successfully connecting, if wireshark.exe process is not running, then as configured NetScaler EPA will log out the user from VPN session as EPA check will fail.

This article describes how to configure the frequency of EPA post authentication scans on NetScaler Gateway.