Device Posture Profiles

Manage device posture profiles that you can use in secure access rules to allow or deny connections to your corporate resources using certain devices.

A device posture profile specifies a set of security-related criteria, such as the operating system, firewall policy, antivirus software, and disk encryption. A device must meet the criteria to be considered as compliant with your organization's security policies. With device posture profiles, you can define and enforce secure access rules so that users can only connect to a requested internal app if they use a "healthy" device.

Note:

Device posture profiles can be applied to the following:

  • Private access rules

Trend Micro Vision One provides two default device posture profiles, one for Windows endpoints and the other for macOS endpoints. Each default profile checks only the operating system, regardless of any other device posture criteria. The default profiles cannot be edited or deleted.

Important:

To use this feature for device posture validation, make sure you have deployed the Secure Access Module to your users' devices and instructed them to grant required permissions. For more information about the required permissions, see Secure Access Module System Requirements.

The following table outlines the actions available on the Device Posture Profiles tab.

Action

Description

Add a device posture profile

  1. On the Trend Micro Vision One console, go to Zero Trust Secure Access > Rule Objects.

    The Device Posture Profiles tab appears.

  2. Click Add Device Posture Profile and follow the instructions to add a device posture profile.

    For more information, see Adding a Device Posture Profile.

Check device posture profile details

View the basic information about a device posture profile, including the operating systems that the profile applies to and the number of rules that are using the profile.

Click the number under Associated Rules to view or edit the details of each associated rule.

Configure a device posture profile

Click in the Action column to change the basic information about a device posture profile.

Click in the Action column to delete a device posture profile from Trend Micro Vision One.

To delete more than one device posture profile, select the profiles and click Delete in the upper left.

Note:

Only the device posture profile that is not in use by any secure access rule can be deleted.