We have a requirement to provide Anti-Virus/Malware scan for guest devices that will be using our guest SSID. The guest users are sponsor by a corporate users. There guest users are granted access via a Captive Portal and they are dump into a DMZ with internet access only and no communication between other guest devices.
Most of what I have research all seem to require an agent or plug-in to be installed on the end-user device to allow the scanning of the device.
Does anyone know of a Vendor or product that can support this requirement without having to install anything on the client device?
Would you connect your laptop to a network that could force a scan of all your files? There is no way to restrict the scan to malware. Everything needs to be scanned: documents, applications, operating system, boot blocks, loaders... If there were such a mechanism it would be misused for things like espionage. Think about an airport Wi-Fi scanning everything that goes by.
That's why the client needs to install an agent to do the scanning. The installation requires consent. (I'm not installing any.) Your captive portal can then communicate with the agent before allowing access.