Integrate with CrowdStrike
With CrowdStrike integration you get access to additional signals that you can use to monitor corporate devices and allow or deny application access.
CrowdStrike offers the Falcon cybersecurity software for endpoint devices.
With EAA CrowdStrike integration, EAA administrators can have access to basic CrowdStrike Falcon endpoint protection data via the CrowdStrike cloud. These signals can be used as part of the EAA application access control configuration, as well as for auditing and inventory purposes. See CrowdStrike’s product details for more information about Falcon endpoint protection.
Additionally, in order for the anti-malware detection feature to detect CrowdStrike as an anti-malware product, Crowdstrike Prevention Policy should have Quarantine & Security Center Registration enabled. To enable this setting go to,in the CrowdStrike portal.
- You must have access credentials to your CrowdStrike administrator portal.
- Install the EAA Client on the end user desktop macOS and Windows devices.
- Install and run the CrowdStrike Falcon Sensor on end user devices. The Falcon sensor must be properly associated with the customer account used to access and configure the CrowdStrike portal mentioned above.
- Authentication to the CrowdStrike API requires a Client ID and Client Secret. You can generate these credentials from the CrowdStrike portal.
- CrowdStrike integration is only supported for desktop (Windows and macOS) devices.
- In order for the integration to work correctly on macOS, the CrowdStrike Falcon utility and OS sysctl utility must be installed and accessible. See CrowdStrike documentation for further details.
To integrate with CrowdStrike, you need to: