About Device Posture

Device Posture helps you to protect your applications and reduce security risks. It lets you establish trust in devices that comply with security policies and deny access to devices that don't meet security criteria.

With Device Posture you can:

Capture device signals
Device Posture collects security-related device data, such as OS and browser version, disk encryption and antivirus status. With this data you can define and enforce application access control policies.

The table below contains signals and information collected from desktop and mobile devices and reported to the back end systems.

Desktop devices Mobile devices
  • Anti-malware characteristics
  • Certificate characteristics
  • Device name and ID
  • Device local user and IdP username
  • Device signal last update time
  • Disk encryption status
  • EAA Client version and status
  • ETP Client status
  • Installed web browser(s) and versions
  • OS version
  • Signal update time
  • System firewall status
  • Additional signals collected from third-party integrations (respective product licenses are required)
  • Biometrics status
  • Device name and ID
  • EAA Client version
  • IdP username
  • Jailbreak status
  • OS and version
  • Screen lock status
  • Signal last update time
Assess device risk
You can create a device risk assessment profile based on signals collected from each device. This data allows you to evaluate the device risk status and build a risk database for analysis. See Configure device risk assessments.
Control devices that access enterprise applications
You can create policies that classify devices into low, medium, high risk tiers and set rules to include a selected set of devices into a specific tag. With tiers and tags you can apply access control rules (ACLs) customized per application. See Control access to applications.
Collect additional signals with CrowdStrike, ETP, and VMware Carbon Black integrations
Akamai Enterprise Threat Protector (ETP) provides you with a list of compromised devices on an hourly basis. CrowdStrike Falcon sensor collects additional data that you can apply to the EAA application access control rules. VMware Carbon Black Predictive Security Cloud also collects additional data that you can apply to EAA application access control rules. Those integrations improve endpoint security and help you to protect your organization against cyberattacks. See Integrate with ETP, Integrate with CrowdStrike, and Integrate with VMware Carbon Black
Monitor and analyze the posture of devices
The Device Posture dashboard provides you with an overview of devices health. As an administrator you can also filter device inventory and history data, prepare reports and troubleshoot issues. See Device Posture dashboard and Device Posture reports.
Receive remediation and notification messages
When a device is denied access to an application because of device posture, the end user receives a notification explaining the reason why this device was blocked. Remediation messages provide end users with a corrective action to take, which lets them resolve device issues and reduces calls to the help desk. See EAA Client for desktop devices.