Desktop Agent Profile - End Point Security - Access Policies

Details of end point security access politices section of ThinScale Desktop Agent Profile Editor.

Written by Diego

Last published at: November 21st, 2024


 Access policies are configurations that allow administrators to set specific requirements that must be met for users to launch the ThinScale Desktop Agent (TDA) client fully. These policies can include various conditions and rules that evaluate the state of the user's system, such as checking for specific software versions, hardware configurations, or security settings. This is the same for on-prem and CLoud the only difference is the way the UI is presented to the Administrators.

 

SERVER ON PREM

END POINT SECURITY - ACCESS POLICIES

 

 

Passive mode
If enabled, any rules added to the list will always be allowed to execute.


Enable rule logging
If enabled, the administrator can retrieve information about the rules that have been running from the TDA logs file.


Startup Rule Group
If enabled, the rule created inside this group will run when the TDA session starts.


Repeat Rule Group
If enabled, the rule created inside this group will run inside the TDA session every X minutes.


Please refer to the Knowledge Base article for more info.


 

END POINT SECURITY - ACCESS POLICIES RULE GROUPS

 

 



END POINT SECURITY - WINDOWS UPDATE SETTINGS

 

 

Only updates older than
If enabled and “Close TDA” is selected, users must install only available updates older than the specified days, or they will not be able to use Secure Remote Worker. If enabled, and “Allow to Continue” is selected, the user can launch TDA.


Only definition updates older than
If enabled and “Close TDA” is selected, users must install only available definition updates older than the specified days, or they won’t be able to use TDA. If enabled, and “Allow to Continue” is selected, the user can launch TDA.


Ignore the following updates
If enabled, all the updates specified in the list will be ignored.
 

Note: A manual check will be necessary if an update is added to the list.

 

 

Only include the following updates
If enabled, only specific updates in the list will need to be installed.


Ignore 3rd party driver updates
If enabled, all the 3rd party drivers’ updates will be ignored.


 

END POINT SECURITY - NETWORK
 



Perform Download test
If enabled, the download test against the Hostname section will be performed for X seconds.


Perform Upload test
If enabled, the upload test against the Hostname section will be performed for X seconds.


Hostname
The URL address where the test will be run against.


Perform TCP Ping
If enabled, the TDA will verify network connectivity against that specific hostname and port number.

 
 

DEVICE PORTAL

SECURITY PROFILE - ACCESS POLICIES 

 

 

Passive mode
If enabled, any rules added to the list will always be allowed to execute.


Enable rule logging
If enabled, the administrator can retrieve information about the rules that have been running from the TDA logs file.


Startup Rule Group
If enabled, the rule created inside this group will run when the TDA session starts.


Repeat Rule Group
If enabled, the rule created inside this group will run inside the TDA session every X minutes.
 

SECURITY PROFILE - ACCESS POLICIES RULE GROUPS

 



SECURITY PROFILE - WINDOWS UPDATE SETTINGS

 

 

Only updates older than
If enabled and “Close TDA” is selected, users must install only available updates older than the specified days, or they will not be able to use Secure Remote Worker. If enabled, and “Allow to Continue” is selected, the user can launch TDA.


Only definition updates older than
If enabled and “Close TDA” is selected, users must install only available definition updates older than the specified days, or they won’t be able to use TDA. If enabled, and “Allow to Continue” is selected, the user can launch TDA.


Ignore the following updates
If enabled, all the updates specified in the list will be ignored.
 

Note: A manual check will be necessary if an update is added to the list.

 

 

Only include the following updates
If enabled, only specific updates in the list will need to be installed.


Ignore 3rd party driver updates
If enabled, all the 3rd party drivers’ updates will be ignored.


 

SECURITY PROFILE - NETWORK
 



Perform Download test
If enabled, the download test against the Hostname section will be performed for X seconds.


Perform Upload test
If enabled, the upload test against the Hostname section will be performed for X seconds.


Hostname
The URL address where the test will be run against.


Perform TCP Ping
If enabled, the TDA will verify network connectivity against that specific hostname and port number.

 

Public IP Address CHange Mask

If enabled, the TDA will verify network connectivity against that specific hostname and port number.