Installed in NACv50 Light mode, the Barracuda VPN Client can enforce Windows Security Center settings on client machines running Windows 7, Windows 8, or Windows 10, so that only healthy clients are allowed to connect. The client security settings are validated via the Barracuda CloudGen Firewall VPN service without requiring the Barracuda Personal Firewall or the Barracuda Health Agent to be installed on the client machines.
Before You Begin
On the Barracuda CloudGen Firewall, create and configure a VPN service for client-to-site VPN connections. For instructions, see Client-to-Site VPN. You will select the Windows Security settings via the Barracuda CloudGen Firewall VPN service.
Step 1. Install the Barracuda VPN Client on the Client Machines
On the client machines to be managed, install the Barracuda VPN Client with one of the following methods:
Preconfigured Remote Custom Installation – For instructions, see Fully Preconfigured Custom Installation.
Use at least this parameter:PROGTYPE=VPN
– Selects the VPN-only installation mode.
VPN-Only Installation – The interactive standard installation process. For instructions, see How to Install the Barracuda Network Access/VPN Client for Windows. Select VPN Client as the only feature to be installed.
Step 2. Select the Windows Security Settings to Enforce
In your client-to-site VPN template, select the Windows security settings to enforce on client machines.
In Barracuda Firewall Admin, go to CONFIGURATION > Configuration Tree > Box > Assigned Services > your VPN service > Client to Site.
From the Barracuda VPN CA tab, click the Templates tab.
Click Lock.
Double-click the template.
In the Enforce Windows Security Settings section of the Barracuda Templates window, select the security settings that you want to enforce:
Network Firewall
Windows Update
User Account Control
Virus Protection
Spyware Protection
Internet Security Settings
Click OK.
Click Send Changes and Activate.
The next time that the Barracuda VPN Client connects to your server, it will query the client machine's Windows Action Center settings while initiating the connection. The connection will only be established if these settings meet the Windows Security settings that you configured in the VPN service.