Installed in 'NAC Light' mode, the Barracuda VPN Client can enforce Windows Security Center settings on client machines running Windows 7, Windows 8, or Windows 10, so that only healthy clients are allowed to connect. The client security settings are validated via the Barracuda CloudGen Firewall VPN service without requiring the Barracuda Personal Firewall or the Barracuda Access Monitor to be installed on the client machines.
Before You Begin
On the CloudGen Firewall, create and configure a VPN service for client-to-site VPN connections. For instructions, see Client-to-Site VPN. You will select the Windows Security settings via the CloudGen Firewall VPN service.
Step 1. Install the Barracuda VPN Client on the Client Machines
Step 2. Select the Windows Security Settings to Enforce
In your client-to-site VPN template, select the Windows security settings to enforce on client machines.
- In Barracuda Firewall Admin, go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > your VPN service > Client to Site.
- From the Barracuda VPN CA tab, click the Templates tab.
- Click Lock.
- Double-click the template.
- In the Enforce Windows Security Settings section of the Barracuda Templates window, select the security settings that you want to enforce:
- Network Firewall
- Windows Update
- User Account Control
- Virus Protection
- Spyware Protection
- Internet Security Settings
- Click OK.
- Click Send Changes and Activate.
The next time that the Barracuda VPN Client connects to your server, it will query the client machine's Windows Action Center settings while initiating the connection. The connection will only be established if these settings meet the Windows Security settings that you configured in the VPN service.