Zero Trust Assessment-based policy
- Log into the Beyond Identity Admin Console and select Policy from the left menu.
- From the Policy page, select Edit Policy > Add Rule.
- Refer to the following steps to configure a policy to suit your requirements.
Write a policy using the Zero Trust Assessment Score attribute
To write a policy to continuously validate device posture before allowing access, refer to the following steps. A higher score indicates a better security posture.
- Under the Integration attribute drop-down menu, select CrowdStrike Falcon, and then configure a Zero Trust Assessment Score.
- Configure additional attributes if needed.
- Click Add.
IMPORTANT: If the data.zta file is empty, contact support@crowdstrike.com and request that they enable the data.zta and CrowdStrike Falcon Insight Zero Trust Assessment (ZTA) feature.
Check CrowdStrike Installation Status
To write a policy to ensure only devices integrated with CrowdStrike Falcon are allowed to authenticate and/or add devices:
- Under the Integration attribute, click Add attribute and then select the following from the drop-down menus:
  - CrowdStrike Falcon
  - Device Found
  - Yes or No (in this example, No is selected)
- Under Then, select Deny.
- (Optional) Configure any additional attributes.
- Click Add.
Quarantine Action
Write a policy to allow or deny a device to authenticate and/or add devices. In the following example, write a policy to ensure only devices integrated with CrowdStrike Falcon are allowed to authenticate and/or add devices.
- (Optional) Select the appropriate transaction type. For all transaction types, leave the field blank.
- (Optional) Add specific users. For the rule to be applied to all users, leave the field blank.
- (Optional) Select the appropriate device platform. In this example, Windows.
- Select the appropriate integration type or leave the field blank.
- (Optional) Select the desired Authentication version.
- Under Then, select Deny.
- Click Add Attribute and select CrowdStrike Quarantine from the AND drop-down menu.
- Click Add.