Endpoint Attributes

The following sections describe the endpoint attributes that are evaluated.


Supported Operating Systems

This option checks that a required operating system is present on the endpoint device.

The operating system hosts and manages your data, applications, and connected devices. Inadequate protections for the operating system can affect the performance of all of these components and, ultimately, the productivity of your users and the organization.

The following sections describe the supported operating systems and package dependencies for Secure Access posture profiles.

Zero Trust Connections

  • Windows
  • Mac OS X
  • Linux (browser-based only)
  • iOS
  • Android (version 14 or later)

VPN Connections

  • Windows
  • Mac OS X
  • iOS


Firewall Conditions

This option checks for the existence of a firewall on the endpoint device.

  • Windows
    • Require the platform-native firewall to be running on the endpoint device.
  • Mac OS X
    • Require the platform-native firewall to be running on the endpoint device.

Endpoint Security Agents

This option checks for the existence of an endpoint security agent required to be running on the endpoint device.

System Password Enforcement

This option checks whether a system password is required on the endpoint device.

Disk Encryption

This option checks for the existence of disk encryption running on the endpoint device.

Disk encryption ensures that files are always stored on disk in an encrypted form. The files become available to the operating system and applications in readable form while the system is running and unlocked by a trusted user. An unauthorized user inspecting the contents of the disk directly finds garbled random-looking data instead of the actual files.

With user data encryption enabled, the /home directory in the file system is encrypted, and user data is available while the system is running. The user /home partition is mounted on a separate disk partition, and block-level encryption is enabled for that disk.
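The /home layout described above can be verified on a Linux host from its block-device tree. The following is an added example, not Secure Access code: it assumes the JSON produced by `lsblk --json -o NAME,TYPE,MOUNTPOINT`, in which a dm-crypt mapping reports the type `crypt`; the function names are hypothetical and the sample data is constructed.

```python
import json

# Constructed sample of `lsblk --json -o NAME,TYPE,MOUNTPOINT` output (not from a real host).
SAMPLE_LSBLK = """
{"blockdevices": [
  {"name": "sda", "type": "disk", "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "mountpoint": "/boot"},
    {"name": "sda2", "type": "part", "mountpoint": "/"},
    {"name": "sda3", "type": "part", "mountpoint": null, "children": [
      {"name": "home_crypt", "type": "crypt", "mountpoint": "/home"}
    ]}
  ]}
]}
"""


def find_mount(devices, mountpoint, ancestors=()):
    """Return (device, ancestors) for the device mounted at mountpoint, else None."""
    for dev in devices:
        if dev.get("mountpoint") == mountpoint:
            return dev, ancestors
        # lsblk omits "children" on leaf devices, so default to an empty list.
        found = find_mount(dev.get("children") or [], mountpoint, ancestors + (dev,))
        if found:
            return found
    return None


def home_encryption_status(lsblk_json, mountpoint="/home"):
    """Classify the mountpoint as 'encrypted', 'unencrypted' or 'not-separate'."""
    tree = json.loads(lsblk_json)
    found = find_mount(tree.get("blockdevices") or [], mountpoint)
    if found is None:
        # /home is not mounted from its own block device (it lives on another file system).
        return "not-separate"
    dev, ancestors = found
    # Walk the whole chain so LVM-on-LUKS (a crypt device below the mounted volume) counts.
    if any(d.get("type") == "crypt" for d in ancestors + (dev,)):
        return "encrypted"
    return "unencrypted"


if __name__ == "__main__":
    print(home_encryption_status(SAMPLE_LSBLK))
```

A result of `not-separate` means /home shares a file system with another mountpoint, so the check would have to be repeated against that mountpoint instead.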

Supported Browsers

This option checks for the existence of a required web browser on the endpoint device.

Windows Registry Conditions

This option checks for the existence of a registry key or the value of the registry key on the endpoint device.

Windows Domain Join

This option enforces a check to verify whether the device has joined a Windows domain. When a device is required to be joined to a Windows domain, you can centrally manage user access, enforce access rules and policies across devices, and provide single sign-on (SSO) to network resources like shared files and printers. It also simplifies administration by allowing IT teams to control user permissions and device settings from a single location within the domain.

File Conditions

This option checks for the existence of a file, the date of a file, and the versions of a file on the endpoint device.

Process Conditions

This option checks if an application or process is running or not running on the endpoint device.

Certificate Conditions

This option checks if any required server certificates are present and valid on the endpoint device.

