Using Trusted Windows Versions in Protected Configurations

Question

Hi all, 
&nbsp;  
&nbsp; I've created a customer Protected Configuration and I'm trying to configure the Trusted Windows Version property of the configuration so that only specific versions of Windows are allowed, e.g. Windows XP SP2. 
&nbsp;  
&nbsp; On the actual properties page there is a field for "Windows Version" and a second field for "Hotfixes" but what I can't work out is the syntax that these fields are expecting. For example in the "Windows Version" field I have tried: 
&nbsp; * WinXP 
&nbsp; * (session.win_info.os_version == "WinXP") 
&nbsp;  
&nbsp; Neither of which seem to work. Similarily I have tried the following in the "Hotfixes" field: 
&nbsp; * hf_SP2 
&nbsp; * EXISTS(session.win_info.hotfixes.hf_SP2) 
&nbsp;  
&nbsp; Again, the above don't seem to work. I've RTFM'd the admin guide and the online help and while both documents list the appropriate session variables neither of them actually document the syntax that is expected when using the "Trusted Windows Version" property of a Protected Configuration, and none of the example Protected Configurations use sessions variable either. 
&nbsp;  
&nbsp; Can someone please steer me in the right direction before my brain spontaneously combusts? 
&nbsp;  
&nbsp; Thanks!

mal_57091 · Answer

Hey Matt, 
&nbsp;  
&nbsp; The best way i've done this in the past (cause there is a million different session variables) is to enable the "Session Variable Dump" under Device Management -&gt; Maintenance -&gt; Troubleshooting tools. Then create a prelogon sequence that checks does an OS Check and then do an Extended Windows Info check. 
&nbsp;  
&nbsp; Once these have set in place open a connection to FirePass from a machine that you want the info from (in your case WinXP SP2) and log in. After you have logged in go back to the FirePass AdminUI and go to Reports -&gt; Logons and select the user account you just logged in with. With Session Variable Dump enabled this page will list out all the info FirePass picked up from the Prelogon Sequence and you can copy and paste the session variables and values you are interested in into your Protected Configuration. 
&nbsp;  
&nbsp; Hope this helps you out. 
&nbsp;  
&nbsp; Cheers, 
&nbsp; Mal

Forum Discussion

Using Trusted Windows Versions in Protected Configurations

Recent Discussions

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Need Urgent BIGIP Trial License and VM Image

APM for banner and cert

How to Renew F5 Device Certificate

UCS backup not loading Big IP DNS pool

Related Content

L7 DoS Protection with NGINX App Protect DoS

Beyond REST: Protecting GraphQL

Cookie-based DDoS protection

Protecting gRPC based APIs with NGINX App Protect

Managing NGINX App Protect WAF for Beginners

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS