Add a Client-Based Zero Trust Access Posture Profile

Configure a client-based Zero Trust Access posture profile to define posture requirements for endpoint devices that connect to private resources. Cisco Secure Client must be installed on the endpoint device, and Secure Access checks the requirements when the device connects to the network.

Note: Each requirement is optional, and requirements can be configured in any order. However, endpoints must meet all conditions of any configured requirement.

Table of Contents

• Prerequisites
• Procedure

Prerequisites

• Full Admin user role. For more information, see Manage Accounts.

Procedure

1. Navigate to Secure > Profiles > Endpoint Posture Profiles.

2. For Zero Trust Connection, click Add Posture Profile and choose Client-based.

3. Give your posture profile a good descriptive Name.
4. For the Operating System option, choose the operating systems for your profile. Click Save and Exit or Next to select endpoint security agents. See Supported Operating Systems.

5. For the Firewall option, choose the firewall for your profile. Click Save and Exit or Next to select endpoint security agents. See Firewall Requirements.

6. For the Endpoint security agent option, choose an endpoint security agent for your profile. Click Save and Exit or Next to select Windows registry entries. See Endpoint Security Agents.

7. For the System password option, choose whether to enforce a system password for the endpoint. Click Save and Exit or Next to select disk encryption. See Endpoint Security Agents.

8. For the Disk encryption option, choose the disk encryption package(s) for your profile. Click Save and Exit or Next to return to the OS requirements. See Disk Encryption.

9. Review and finalize the profile.

---

Manage Zero Trust Access Posture Profiles < Add a Client-based Zero Trust Access Posture Profile > Add a Browser-based Zero Trust Access Posture Profile