Example Configuration

Status Report

APP_XOSS_deviceTRUSTStatusReport_010_Any_Any_Any

Reports the status of the (remote) device to an ELK Stack.
The report contains information about the User logged in, the Location, Hardware information[…] These are separated in two scenarios:

Endpoint & EUC

The application configuration can be adjusted by just changing the scenario to one of the two given.

Combined with the deviceTRUST Host component is all what you need.

StatusReport

Single Security State

APP_XOSS_deviceTRUSTSingleSecurityState_010_W2K19_Any_Any

Displays a message or denies access to the session based on the Security state of the remote device and is for EUC scenario only.

It checks:

  • If the deviceTRUST Client is installed on the device who tries to connect to the Host
  • Checks the Security state of the device (Windows, macOS, Igel[…])
    • If the Firewall is active
    • If real-time protection is enabled
    • For Igel if an “UMS Server” is reachable with a certificate
    • […]

Works with an active or passive mode.

  1. Active
    • Will deny the access to the host if the Security settings do not comply
  2. Passive
    • The user accessing the host will get a Notification that the Security settings do not comply
  3. ActiveADGroup
    • For the entered Active directory group i.e. “demo\dt_security” the mode will be on active. For members who are not member of this group it will remain in passive mode

SingleSecurityState