The ingress client configuration sets the relevant parameters of device access, including ingress client authentication configuration, ingress client push configuration, ingress client download, ingress rule exclusion, etc. This function will refer to the configuration here in the endpoint check policy.

Ingress client authentication configuration

• There are two ways to authenticate via ingress client: Enable Ingress Client 802.1x or Enable portal authentication.

• Set ingress client uninstallation password: Check this option to enable the ingress client anti-uninstallation function. Uninstalling the ingress requires a password to complete the uninstallation. The anti-uninstallation takes effect only after the endpoint successfully obtains the check policy.

• Set ingress client to find gateway address: automatically obtain gateway and specify gateway address.

Remind users to install Ingress Client

It is not supported to run the access systems endpoints such as MAC, mobile endpoint, or dumb endpoint (this option is effective for all endpoints) after selecting.

It will not be pushed if you do not check the non-windows endpoint. It needs to be manually installed by the administrator or pushed through the AD domain.

• Reject Internet Access: Internet access of the endpoint that does not install the ingress client is prohibited.

• Allow Internet access: The endpoint not installing the ingress client can access the Internet.

Download Ingress Client

After updating the ingress client function configuration, please click Commit to download. There are two ways to install the ingress client: the MSI and EXE installation packages. (The AD domain transparent installation ingress configuration method document is in the installation package).

Ingress Rule Exclusion

Ignore the patches detected by the patch check rules at the specified level without prompting and network control.