The zero trust security framework authorizes both users and devices before enabling access to critical applications. Under the tenets of zero trust, only verified devices and users are granted access to assets, applications and systems. Device posture is a measurement of how secure and compliant the device is. By monitoring and enforcing device posture, organizations can prevent malicious devices from accessing sensitive information and critical applications.
InstaSafe ZTAA empowers administrators to ensure that only devices that comply with predefined security policies can access the enterprise applications from the agent.
Device posture attributes available in ZTAA
- AntiVirus Enabled Name
- AntiVirus Installed Name
- AntiVirus Updated Name
- Mac Address
- OS Build Version
- OS Family
- OS Major Version
- OS Minor Version
- System Domain Name
- System MacAddress
- System Serial number
Implementation of Device posture check in ZTAA is a two step process:
- Create a device posture profile dataset.
- Add the device posture profile dataset in Access Policy.
Create Device posture profile in ZTAA
To create a device posture profile dataset in the ZTAA console follow the below steps:
- Click on “Configuration” in the left menu.
- Navigate to the “Data Management” tab.
- Click on the “+” icon to create a new dataset.
- Select the device posture attribute available in the “Select Variable” dropdown.
- Enter the Dataset name and description click on “Add Dataset”.
- Search for the created Dataset and click on Edit.
- Click on the “Records” and add a record value.
Apply Device posture profile in Access Policy
To assign a device posture dataset to access policy perform the below steps:
- Click on “Access Policy” in the left menu.
- Search for the access policy to which you would like to add a device posture dataset.
- Select the Access Policy and click on Edit.
- Navigate to the “Manage Rules” tab.
- Click on the “+Rule” and select the device posture attribute.
- Select the device posture profile dataset and click on “Update Manage Rules”.
After the above configurations are performed, users when they login to the ZTAA agent will not have access to the applications to which they are granted access to if their device does not comply with the configured device posture profile.