- Please complete the EPP integration guide(s) below before taking any actions on the Timus Manager. Without taking the needed permission configuration actions of the EPPs below, the EPP integrations will not work as expected.
Microsoft Defender for Endpoint Integration Guide
SentinelOne for Endpoint Integration Guide
Bitdefender for Endpoint Integration Guide
- To be able to enable the EPPs, BitDefender, SentinelOne or Microsoft Defender, you need to go to the page Settings -> Integrations.
BitDefender:
- Once you enable BitDefender, you need to enter the API Key and Management URL to activate it. After entering the needed fields, you need to click on Confirm.
SentinelOne:
- Once you enable SentinelOne, you need to enter the API Key and Management URL to activate it. After entering the needed fields, you need to click on Confirm.
Microsoft Defender:
- Once you enable Microsoft Defender, you need to enter the Tenant ID, Client ID and Client Secret to activate it. After entering the needed fields, you need to click on Confirm.
- After enabling the EPP, you will be allowed to configure the Device Posture Checks. In order to configure it, you need to go to the page Zero Trust Security -> Device Posture Checks.
- If you want to create new Device Posture Checks, you need to click on Create New as shown in the image above. If you have already got some Device Posture Checks, it will be listed as shown in the image above as well.
- Once you click on Create New, you will see the page as shown in the image below. This page has 2 tabs, General and Attributes. Without entering the field on the tab General, you are not allowed to skip to the Attributes tab.
Assigned Operating Systems:
Select the operating system for which you wish to perform device posture check. Please note that only one posture check can be created for each operating system.
- Windows
- macOS
- Linux
- Windows Server
- iOS
- Android
- After you assign the Operating System and enter the required fields, you can click on Save. You will be able to configure the tab Attributes now. You need to click on Add Attribute as shown in the image below.
- Device Posture Check will fail if any attribute value is missing: Enable this option to fail the device posture check if any attribute values are missing, ensuring only complete datasets pass the check.
Data Source:
Select the source from which the attribute data is retrieved. This data source provides the information used to evaluate the device posture.
- BitDefender
- Microsoft Defender
- SentinelOne
Attribute:
Choose the specific attribute that is gathered from the data source.
The Attributes if the Data Source has been selected as either BitDefender or Microsoft Defender.
- Antivirus Agent Outdated
- Antivirus Agent Signature Outdated
- Antivirus Agent Signature Update Disabled
- Antivirus Agent Update Disabled
- Device Infected
- Disk Encryption
- Agent Installed
- Malware Detected
- Operating System
- Risk Score
The Attributes if the Data Source has been selected as SentinelOne.
- Antivirus Agent Outdated
- Device Infected
- Disk Encryption
- Agent Installed
- Operating System
Condition can be is any of or is equal to depending on the Attribute you have selected.
Pass Value: Define the expected value that the attribute must have to pass the check. It can two options, True and False.
After you define the Attribute successfully, you will see a pop-up as shown in the image below.
After completing the Device Posture Checks process, you can use ZTNA to apply some policies for the users. To be able to do it, you need to go to the page Zero Trust Security -> Behaviors -> Create New as shown in the image below.
Once you click on Create New, you need to enter a Name and select Device Posture Check as a Type.
And, you need to select your Device Posture Check, which you have named it, and decide if the Trigger is Passes or Fails as shown in the image below.
After creating the behavior, you need to go to the page Zero Trust Security -> User Sign-in Policies -> Create New as shown in the image below.
After clicking on Create New, you will be able to see the pop-up, which will allow you to define some ZTNA policies based on the behavior, which you have created, based on the Device Posture Check.
You can modify the example policy as shown in the image below according to your needs.
Here is an example ZTNA policy based on the Device Posture Check below.
If you would like to get more details regarding ZTNA policies in general, you can take a look at the article User Sign-In Policy.
0 comments
Please sign in to leave a comment.