A client compliancy system is used to gate access to a protected network, such that only clients that are in compliance with a policy are allowed access to the protected network. Clients that are not in compliance are typically assigned to a quarantine network and provided with some remediation mechanism that should allow them to become compliant. Determination of a client's compliance can be done on the client itself, external to the client, or in combination.
Endpoint compliance solutions help customers manage client security by ensuring that all clients are using current signatures, components, patches, and security policy. However, the endpoint compliance solution itself requires management. In particular, the customer must define and configure the required compliance policies. This configuration process is ongoing and difficult, particularly as more client security products are deployed, and as those products are updated. Further, as vulnerabilities are discovered and new viruses are unleashed, the definition of “compliant” can change in real-time. Current endpoint compliance solutions rely on a static definition of client security policy.
What is needed, therefore, are techniques for implementing a dynamic endpoint compliance policy configuration.