Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 9 replies
  • Subscribers 27 subscribers
  • Views 2046 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block clients with no heartbeat

LHerzog

Hello,

can someone please describe in a few words, what "Block clients with no heartbeat" really does?
The one-liner from the online help does'nt really say more than as is shown on the rule options.
I have a problem to understand how this check-box makes sense, when I already select: Minimum HB permitted: GREEN



This thread was automatically locked due to age.
Parents
  • 0

    There is a reason, why you can select both independently. Minimum source HB permitted means: IF there is a HB status, should i do sometimes? So this will only apply to HB clients, no matter what. 

    The checkbox "Block clients with no heartbeat" means, that every client, which does not have a HB, will be blocked. So this checkbox will block every IP, which does not have a HB. 

  • 0 in reply to LuCar Toni
    LuCar Toni said:
    this checkbox will block every IP, which does not have a HB. 

    for this and all rules that may come below this rule?

  • 0 in reply to LHerzog

    HB is not a selection criteria. Its a filter possibility within this rule. The traffic selection is already made (Source, Destination, service). 

  • 0 in reply to LuCar Toni

    so if a client request matches source, destination, service but it has not HB, without the checkbox "Block clients with no heartbeat" would it:

    a) not apply this rule

    b) not log a "block" in the log viewer

    ?

  • 0 in reply to LHerzog

    If the rule applies (First match), XG considers your filter on the rule. 

    The firewall rule and all things will be applied, no matter what. 

    If the minimum HB is not met, it will be blocked.(You select minimum green, the client is RED). 

    If the client does not HB and you select, block Client with no HB, it will be blocked.

  • 0 in reply to LuCar Toni

    sorry, I don't get it

    Cannot see, how it really is useful in a real world scenario. Maybe I have to read your lines tomorrow again and have an anlightenment then. ;-)

  • +1 in reply to LHerzog

    "Block Clients without Heartbeat" = NAC with Sophos Endpoint.

    Green/Yellow/No Restriction Minimum = In Case you clients only with a certain HB status in your network communicating. 

    You need only one rule. Its not a selection criteria, instead only a on top control feature for your desired network.

    You want only HB Clients to communicate through XG? Select the checkbox, XG will block everything else, what does not have a Endpoint installed. 

    You want only green HB Clients talking to WAN? Select green as minimum requirement and block everything without. 

    You have a mixed setup, some clients with EP, some without in one network. Dont select to block Clients without and use HB only if available. 

Reply
  • +1 in reply to LHerzog

    "Block Clients without Heartbeat" = NAC with Sophos Endpoint.

    Green/Yellow/No Restriction Minimum = In Case you clients only with a certain HB status in your network communicating. 

    You need only one rule. Its not a selection criteria, instead only a on top control feature for your desired network.

    You want only HB Clients to communicate through XG? Select the checkbox, XG will block everything else, what does not have a Endpoint installed. 

    You want only green HB Clients talking to WAN? Select green as minimum requirement and block everything without. 

    You have a mixed setup, some clients with EP, some without in one network. Dont select to block Clients without and use HB only if available. 

Children