Showing results for 
Search instead for 
Did you mean: 

Host Checker game plans

Occasional Contributor

Host Checker game plans

Are there any plans for building more granularity into the realm level enforced host checks?

For example, I currently check for about 10 - 12 different AV vendors (all products) but because I am forced by my administration to give detailed remediation instructions for failed checks, I have to actually build various remediation web pages and present them as role mapped resources if I want to be unambiguous with the user about what actions they need to take (for their specific product) to become compliant.

It would be really nice if detailed remediation pages could be built out from the realm sign-in level so that the users get stopped at the door for non-compliance instead of through role evaluations.

Truthfully, that the product is flexible to do what I'm asking at all is pretty impressive to me but you know how it is... give a customer an inch and they'll ask for a mile.. Smiley Happy

Occasional Contributor

Re: Host Checker game plans

there are no specific plans to build realm level detailed remediation pages at this time. We will consider this as an enhancement request for future releases.


Regular Contributor

Re: Host Checker game plans



Thanks for your interest in our products and don't worry about the 'asking for a mile' bit as here at Juniper we love going the extra mile :-)


Maybe you have already explored these options and they did not fit your requirements however I thought I will list them out as several customers are already stopping end user's at the door (realm level enforcement) for non-compliance.


Option 1: Custom Instructions:

1. "Require and Enforce" your policies at realm level

2. Use the custom instructions to indicate detailed Remedial measures to your end users. 


Option 2: Use Custom sign in page and customize Remediate.thtml  - The limitation of option 1 is that its 'either all or nothing' when it comes to remediation i.e.. If you enforce multiple policies policy and if 2 or 3 of them fail then it will Remediate for all of them. However this can be controlled to a certain degree using the 'Custom Sign In Pages'  framework. Specifically the file remediate.thtml contains the page that is used when Remediation pages are displayed. For example I inserted the below piece of code in the Remediate.thtml file and it will display the message only if the policy 'av1' fails.

            <% IF == "av1" %>
                       <tr valign="top">
                        <td>Did not find AV1 - or your custom message here</td>        
            <% END %>


This is a simple example however using the custom sign in page framework powerful custom login can be built around your requirements. For more details about custom sign in pages you may refer the admin guide and the custom sign in pages solution guide available @ In addition familiarity with HTML, JavaScript, etc and Template Toolkit (the custom sign in pages framework in IVE recognizes template toolkit directives) will go a long way when working with custom sign in pages.


We hope this information helps you design your solution.




Ruchit Sheth
Senior Escalation Engineer

Juniper Networks