Starting with ThinLinc 1.4.1, antivirus verification is possible. The client can be configured not to allow login if a local antivirus software is not installed or up to date. Additionally, the client reports the antivirus status to the server, which can also enforce antivirus protection. The section below describes the server configuration. The client configuration is described in Section 7.6, “ Antivirus Verification ”.
Antivirus verification is only available for systems which supports the Security Center (available on Windows XP with Service Pack 2 and later), running the native Windows ThinLinc client. Additionally, the antivirus software must provide a WMI (Windows Management Instrumentation) interface.
When the client logins to a Thinlinc server, it reports the client antivirus status. With this information, the server determines a client antivirus security level. The security levels are described in Section 7.6, “ Antivirus Verification ”. The configuration is done via two parameters below the /sessionstart/ folder:
This parameter defines the enforced security level. If the client antivirus security level is less than the value of this parameter, login will not be allowed. To completely disable antivirus verification, set this parameter to -1.
As a special case, if the client antivirus security level is -1 (the antivirus status could not be determined) and this parameter is true, login is allowed. Set this parameter to true if login should be allowed for clients without Security Center (even when security_level is greater than -1), such as Windows 2000.