Mac Detection Policy
最終更新日:2023-08-16 18:39:24
1. Usage Scenario
Mac Detection Items refers to the items or objects that can be detected by a Mac operating system, like installed programs, drivers, or updates. ESA has integrated with Mac detection items to ensure that the user’s login from a Mac operating system will be checked and confirmed to be secure enough to access the applications.
This feature only available on users with Premium bundle
2. Operation Steps
1) Go to Endpoint Security–>Compliance Check–>Config Policy, add New
2)Fill in the necessary information and click Next
| Policy Name | Explanation |
|---|---|
| Policy Name |
Define the name of the policy |
| Status | Configures to enable/disable the policy when it is created |
| Prompt Method | It configures when to prompt notice when risky events are detected. Available value: 1) Prompt risky notice at login: the client will pop out to notify that there are risky events been detected when user login to ESA client 2) Prompt risky notice at every check: the client will pop out to notify that there are risky events been detected every time the ESA client conducts device check. It works together with Detect Interval. 3) Don't prompt: do not pop out notice even when risky events been detected |
| Detect Interval | Configures the time interval for ESA client to conduct device compliance check. For example, if set to 30mins, the ESA client will perform compliance check every 30 minutes. No matter what Interval has been configured, the client will conduct compliance check at login. |
| Description | Enter description to better understand the connector |
| Apply to User | Defines which users will be assigned to the policy. To avoid policy confliction, one user can only be assigned to one compliance check policy |
3)Enable the items you want to perform the compliance check and configure the deduct scores for each enabled items, then click Next.
See detail information of each items below:
| Field Name | Explanation | Configuration Examples |
|---|---|---|
| Credit Device Detection | Check whether the device is on ESA authorized device list | Deduct score =10 means: if user is login from a device that is not on ESA authorized devicee, user's trust score will be deducted 10 points |
| Firewall Status Detection | Check if Windows Firewall is turned on | Deduct score =10 means: if user is login from a device without firewall turning on, user's trust score will be deducted 10 points |
| Computer Name Detection | Check whether the computer name meets the specific requirements | Name format=ALEX-TEST *, deduct score =10 means: if user is not login from a device with computer name start with ALEX-TEST, user's trust score will be deducted 10 points |
| Operating System Version Detection | Check whether the computer operating system version meets the requirements | OS version>13.0, deduct score =10 means: if user is login from a device which OS is lower than 13.0, user's trust score will be deducted 10 points |
| Client Version Detection | Check whether the ESA client version is greater than the specified version | Client version>=2.22.0, deduct score =10 means: if user is login from an ESA client with version lower than 2.22.0, user's trust score will be deducted 10 points |
| Disk Encryption Detection | Check whether the computer has disk encryption turned on | Deduct score =10 means: if user is login from a device which disk encryption is not enabled, user's trust score will be deducted 10 points |
| Screen Saver Detection | Check whether the screen saver is on | Deduct score =10 means: if user is login from a device which screen saver is not enabled, user's trust score will be deducted 10 points |
4)Move the buoy on score bar to define the risk level
Take following configuration as an example, when a user’s trust score is:
- <=60, the user will be marked with Critical Risk
- 60-70, the user will be marked with High Risk
- 70-80, the user will be marked with Medium Risk
- 80-90, the user is with low risk
- 90-100, the user is safe
5) Click Submit to finish the policy configuration
6)Back to policy list, you will see the new policy. Click Management if you need to adjust the configuration.
