This article explains the process of enabling EPP and Device Posture Check configurations on Timus Manager.

To be able to enable the EPPs, BitDefender, SentinelOne or Microsoft Defender, you need to go to the page Settings -> Integrations.

BitDefender:

Once you enable BitDefender, you need to enter the API Key and Management URL to activate it. After entering the needed fields, you need to click on Confirm.

SentinelOne:

Once you enable SentinelOne, you need to enter the API Key and Management URL to activate it. After entering the needed fields, you need to click on Confirm.

Microsoft Defender:

Once you enable Microsoft Defender, you need to enter the Tenant ID, Client ID and Client Secret to activate it. After entering the needed fields, you need to click on Confirm.

After enabling the EPP, you will be allowed to configure the Device Posture Checks. In order to configure it, you need to go to the page Zero Trust Security -> Device Posture Checks.

If you want to create new Device Posture Checks, you need to click on Create New as shown in the image above. If you have already got some Device Posture Checks, it will be listed as shown in the image above as well.

Once you click on Create New, you will see the page as shown in the image below. This page has 2 tabs, General and Attributes. Without entering the field on the tab General, you are not allowed to skip to the Attributes tab.

After you assign the Operating System and enter the required fields, you can click on Save. You will be able to configure the tab Attributes now. You need to click on Add Attribute as shown in the image below.

Device Posture Check will fail if any attribute value is missing: Enable this option to fail the device posture check if any attribute values are missing, ensuring only complete datasets pass the check.

After you click on Add Attribute, you will see a pop-up as shown in the image below to configure.

Attribute: Choose the specific attribute that is gathered from the data source.

Condition can be is any of or is equal to depending on the Attribute you have selected.

Pass Value: Define the expected value that the attribute must have to pass the check. It can two options, True and False.

After you define the Attribute successfully, you will see a pop-up as shown in the image below.

After completing the Device Posture Checks process, you can use ZTNA to apply some policies for the users. To be able to do it, you need to go to the page Zero Trust Security -> Behaviors -> Create New as shown in the image below.

Once you click on Create New, you need to enter a Name and select Device Posture Check as a Type. And, you need to select your Device Posture Check, which you have named it, and decide if the Trigger is Passes or Fails as shown in the image below

After creating the behavior, you need to go to the page Zero Trust Security -> User Sign-in Policies -> Create New as shown in the image below.

After clicking on Create New, you will be able to see the pop-up, which will allow you to define some ZTNA policies based on the behavior, which you have created, based on the Device Posture Check. You can modify the example policy as shown in the image below according to your needs.

Here is an example ZTNA policy based on the Device Posture Check below.

If you would like to get more details regarding ZTNA policies in general, you can take a look at the article User Sign-In Policy.