What is a Remote Policy Device Configuration?

A Remote Policy Device Configuration is when data is collected on one device (an endpoint) and processed on a different device used for making policy determinations (the policy device)

The OESIS V4 Vulnerability Module is designed such that it can be deployed on a Remote Policy Device instead of on endpoints. In order for this to work OESIS V4 or OESIS V3 must be deployed on endpoints and OESIS V4 + Vulnerability Module must be deployed on the policy device. For OESIS V4 endpoints certain Vulnerability Module methods can be specified in the input to GetEncryptedVulnerabilityRequest which will then collect the necessary data and product information and create an encrypted output string which can then be transmitted (externally by whatever means) to the policy device where it serves as the input for ProcessEncryptedVulnerabilityRequest which will then process and return the policy results for the endpoint. For OESIS V3 endpoints a similar functionality is provided to that obtained with the OPSWAT UpdateVerify SDK. Antimalware product and defintion information is collected on the endpoint through the OESIS V3 SDK. This information is then transmitted (externally by whatever means) to the policy device where it will need to be formatted to serve as the input to PerformOesisMonitorQuery (for single product inputs) or PerformBulkOesisMonitorQuery for bulk inputs. Policy results will then be returned in the output. Currently it is required that an internet connection is provided on the policy device from the OESIS V4 integration to the OPSWAT cloud services api. In the future some offline capability may be provided as well.