- Watch an interactive demo to Configure Device Profiles - CrowdStrike
Skyhigh SSE platform enables customers to create Zero trust device policies using a combination of native Zero Trust Assessments capabilities such as OS version, presence of registry key, Antivirus(On/Off) and more to assess device posture. CrowdStrike performs zero trust assessment and provides various scores like OS score, sensor score, and overall score of the client. By using a combination of these scores, we can enforce powerful Zero Trust Assessment of devices before allowing access to private applications via Skyhigh Private Access.
Before you Begin
- Download the latest SCP build.
Note: The CrowdStrike Integration reads Zero Trust Assessment scores pushed locally to each endpoint by CrowdStrike.CrowdStrike Falcon requires a Feature Flag to be enabled for a Customer ID (CID) to allow ZTA data files to be pushed to endpoints. The Feature Flag to distribute ZTA files to endpoints –
zta_distribute_payload – can only be enabled by opening a case with CrowdStrike Support with the request for the Feature Flag
zta_distribute_payload be enabled.
Ensure that you have installed CrowdStrike on your system before using it as integration option.
Go to Setting > Infrastructure > Web Gateway Setup > Configure SCP > Manage SCP > Global Configuration to enable CrowdStrike in Device Risk Assessment settings to use the CrowdStrike integration option.
Configure CrowdStrike Integration
- Go to Settings > Infrastructure > Web Gateway Setup.
- In the Configure Device Profile section, click New Device Profile.
- In the Name box, enter the name of the device profile.
- In the Select Device Risk Assessment section, select CrowdStrike from the dropdown option.
- Complete the following fields:
- CrowdStrike ID — Enter the valid CrowdStrike customer ID.
- OS Score — The possible operators are == (equals), >= (greater than or equal to), > (greater than), <= (less than or equal to), < (less than). In the Value field, specify the OS score between 0 to 100.
- Sensor Score — The possible operators are == (equals), >= (greater than or equal to), > (greater than), <= (less than or equal to), < (less than). In the Value field, specify the Sensor score between 0 to 100.
- Overall Score — The possible operators are == (equals), >= (greater than or equal to), > (greater than), <= (less than or equal to), < (less than). In the Value field, specify the Overall score between 0 to 100.
- Click Save and Publish the changes.
CrowdStrike ZTA score is not stored in a JWT on the local machine by default. Contact Crowdstrike support to enable the
Match CrowdStrike Profile with PA Policy
- Go to Settings > Access Control > Private Access Policy.
- In the Private Access Policy page, select the Device Profile as the Criteria.
- In the Value option, select CrowdStrike to view all the configured CrowdStrike profiles.
- Click Done.
- Choose the required Action from Select Action and enable the rule.
- Publish the changes.