Device Posture Check

Print Friendly, PDF & Email

The Device Posture Check feature ensures all the devices accessing critical enterprise applications are authorized and protected. It defines the scale of security and compliance of the device.

Device Posture Check Benefits

  • The Device Posture Check feature empowers administrators to ensure that only devices that comply with predefined security policies can access the enterprise applications.
  • The Device Posture feature provides a set of criteria evaluated on devices to enable a minimum-security level over the device before allowing access.

Implementation of Device Posture Check is a two-step process:

  1. Adding or Importing an attribute record values as a list.
  2. Creating a device posture rule based on the attributes.

Adding or Importing an attribute record values as a list

Device Posture allows or denies access to the applications based on a Device Posture (DP) Rule. You can create a Rule with the supported attributes. The must-have Attributes are as follows:

  • Windows OS Edition-Version
  • macOS Edition-Version
  • Linux OS Edition-Version
  • Antivirus Installed
  • Hostnames
  • MAC Addresses
  • IPv4/IPv6 Addresses
  • Device Serial Numbers
  • Domain Joined

To create a list of attributes, follow these steps,

  1. On the Add List page, provide a List Name.
  2. Select the List Type.
  3. Provide Description
  4. Depending on the selected List Type in step no. 3, fill in the data. You can attach a file to provide the attribute list data. It is recommended to download a template and re-upload it by adding record values. If any record value is added in the first row shall be ignored.
  5. Note:
    While uploading a list, all the entries are added in the first column only.

  6. Click Next. The Attribute List page appears as follows,
  7. Click Add.
  8. A message ‘Attribute List is successfully added.’ appears.

Creating a device posture rule based on the attributes

To create a device posture check rule, follow these steps,

Note:
The Device Posture Check Rule is applicable for Agent-Based applications only.

  1. Click Add Device Posture.
  2. The Add Rule pagestrong> appears. Enter a Device Posture (DP) Rule Name. Provide Description.
  3. Select Attributes and corresponding Attribute Lists from the drop down.
  4. Note:
    If the multiple attributes configure the Device Posture Check Rule, then AND operation would be performed on all the selected attributes. Only for Windows Edition-Version, macOS Edition-Version and Linux Edition-Version attributes OR operation would be performed.
    For example, if for a Device Posture Check Rule, the selected attributes are as follows,

    • Windows OS Edition-Version
    • macOS Edition-Version
    • Linux OS Edition-Version
    • Antivirus Installed
    • Hostnames

    Then while implementing the Device Posture Check Rule, the device should have

    • the antivirus installed, AND
    • the hostname should be as selected, AND
    • the device can have any of the OS Edition-Version out of three (Windows OS Edition-Version OR macOS Edition-Version OR Linux OS Edition-Version).
  5. You can provide Exception Device Name to which you do not want the DP Rule to be applied. The devices mentioned in the exception list will be excluded from rule evaluation, and no policy will be enforced.
  6. Click Add Rule.
  7. Once the DP Rule gets added successfully, the DP Rule Details Page appears. It displays the DP Rule details along with selected attributes.

Note:
If a user cannot access applications post the Device Posture Check Rule implementation, the user needs to check the Devices > Action Logs tab. If the user’s device does not meet the criteria, HawkkProtect Agent will be disabled on that device. You can find out from the Action Logs tab.

You can enable or disable the DP Rule with the toggle option provided on the DP Rule Details page.

Actions available with Attributes

When you hover over each attribute record, the following options appear on the right side next to the Last Edited On column.

Action Icon Action Label Description
Edit Edit To edit the details of the attribute.
Delete Delete To delete the attribute.
right arrow Side bar To view the details of the attribute in the right panel.

Click the Attribute to view the details in the right pane as follows,

right arrow

Was this page helpful?