Skip to main content

Add a device posture policy

Abstract

The OpenVPN Connect app shares device attributes with CloudConnexa during the tunnel connection and periodically after that. You can configure a device posture policy that uses this data to evaluate the device's security and compliance and decide if it is safe to connect and stay connected to CloudConnexa.

The OpenVPN Connect app shares device attributes with CloudConnexa during the tunnel connection and periodically after that. You can configure a device posture policy that uses this data to evaluate the device's security and compliance and decide if it is safe to connect and stay connected to CloudConnexa.

Note

Device Posture is a Beta feature.

Minimum client versions for device posture

For device posture policies to work, the OpenVPN Connect App installed on the device must have a version number equal to or higher than the ones listed below.

  • Windows: OpenVPN Connect 3.5

  • macOS: OpenVPN Connect 3.5

Caution

If a device posture policy is active for a User and the device's Connect App does not meet the minimum version requirements, the user will be unable to connect.

Add a device posture policy

To add a device posture policy, follow the steps below:

  2. Navigate to Users > Device Posture.

  3. Click Add Policy.

  4. In the Policy Details section, provide a Name for the policy and, optionally, a Description.

  5. In the Apply To section, select one or more User Groups for which this policy should apply. You can skip this step to create the policy and assign User Groups later.

  6. You will see a policy block for Windows and one for macOS In the Configuration section. Both those blocks will be switched ON, indicating that devices with both operating systems will be allowed to connect.

  7. To reject connections from devices that run Windows or macOS operating systems, turn the corresponding policy block OFF.

  8. Add a device posture check in the appropriate operating system policy block by selecting one of the Device Posture Checks from the drop-down list and setting the condition for the check to pass.

    Note

    A device has to pass all the checks specified by its operating system for its connection to be accepted.

  9. Click Add another check to add more checks. For information on the different checks, refer to Device attributes for posture checks.

  10. Click Add Policy.

Tutorial showing the addition of a macOS device posture policy

In this section: