NordLayer services in review: Device Posture Security


Mobility and device versatility make the digital possibilities for business nearly endless. However, overcoming one technical or security challenge means another will soon emerge. For example, enabling secure remote user access to the company network raises another issue for IT administrators: how to ensure only compliant devices enter the network?

Customized internal policies must be synced with the organization’s business model and sensitive data levels. Specific rules define how identities are managed to access the company network; on another security level, they are redistributed to access unrestricted resources.

In this process, the missing layer of security is one that guarantees that entering devices match the organization's set security criteria, to prevent potential security breaches. Companies can address this challenge by adopting Zero Trust Network Access-based endpoint controls.

A service like Device Posture Security provides a comprehensive solution for organizations looking to bolster their security. By monitoring, and if required blocking, devices that connect to the company network, organizations can reduce the risk of exposing sensitive information.

Device Posture Security using NordLayer

NordLayer's Device Posture Security service is based on the ZTNA security model, meaning that all devices are treated as untrusted until they are proven trustworthy.

This approach ensures that organizations have complete visibility and control over the devices connecting to their network.

The Device Posture Security functionality helps monitor who connects to the company network according to predefined rules and enables blocking of non-compliant devices to meet ZTNA requirements.

Initially, NordLayer's Device Posture Security service only allowed monitoring of devices entering the network. Now the technology is enhanced with blocking functionality that enables network administrators to take action once a non-compliant device is detected.

How does NordLayer’s Device Posture Security service work?

The cloud-based service monitors all devices that have the NordLayer application installed and running.

Device Posture Security allows organization admins to perform several actions for more accurate and extensive network supervision: 

  • Get notified about new devices entering the network and identify them
  • Inspect whether every entering device uses a compatible operating system (OS), and check its version against the list of supported OSs
  • Verify that the newest NordLayer application version is in use
  • Scan organization-enlisted devices to see if they contain an admin-installed file that distinguishes corporate devices from personal ones
  • Browse a History tab with the logged activity of all connected devices for investigating and auditing network activity

This more in-depth information lets admins follow internal procedures to enforce OS or application updates, ensuring the most recent patches and bug fixes are in place.

The Device Posture Security service helps close potential security gaps by checking that the device is not jailbroken/rooted and is not missing an organization-enrolled file. If the device doesn’t comply, admins can disconnect it to protect the network.

How is NordLayer’s Device Posture Security different?

NordLayer’s Device Posture Security contains two capabilities. Until the latest service upgrade, it was dedicated only to device posture monitoring. The full service now offers both monitoring and device account-blocking capabilities.

The ability to monitor and allow only trusted devices to access digital company resources helps adopt the ZTNA approach, allowing organizations to enjoy peace of mind knowing that all devices connecting to their network meet their security standards. 

  • Only trusted devices are permitted. Device Posture Security enables organization administrators to verify every device within the network separately, checking whether it's a known endpoint. If the device is unrecognized, an alert is triggered for the admin to review whether it complies with company security policy requirements.
  • Use of allowlisted operating systems. The NordLayer application is available on Windows, macOS, and Linux operating systems. However, a company may choose to work with only one OS, like macOS. In that case, the service will notify the system if a user tries to use a device with any OS other than the enabled one.
  • Ensuring utilized OS versions are up-to-date. Due to security patching requirements, companies can define a threshold that determines which OS versions comply with internal policies. If the system detects an outdated operating system version that deviates from the set rules, it informs the administrator to take relevant action.
  • Establishing the use of the latest NordLayer app version. Following NordLayer’s Release Notes, IT managers can see the latest information about new and essential feature launches that apply to the most recent application version.
  • Existing File check. Administrators can store a specific file on a device that labels it as approved, in order to log and recognize corporate devices. This distinguishes corporate-approved devices from personal ones, even if they run the same operating system and version.

To ensure organization members use the latest app version, the admin must create a Device Posture Security profile with the desired NordLayer version to determine who should update the app.

NordLayer’s Device Posture Security offering builds a practical, security-by-design approach to business network protection. The service allows close supervision of whether endpoints within the network are up-to-date as required. Automated device inspection helps prevent overlooked security gaps whether the organization has only a dozen or a few hundred users.

Benefits of Device Posture Security

Regular check-ups of in-network operating devices establish a threat prevention-based approach to internal compliance management. The service enables organization network admins to act more centrally, define the scope of the rules, and maintain high security levels without spending long hours or hiring a squad to carry out such tasks.

Enforcing rules centrally

Once created, security policies can be enforced across the whole organization in moments, with a few mouse clicks.

The Control Panel allows administrators to see which teams fall under the security requirements and must follow the rules.

Increasing device visibility to the admin

The larger the company, the bigger the endpoint network to supervise. This is especially so when members use several devices each, multiplying the scope of work for administrators.

Device Posture Security reveals and registers every endpoint within the company network, collecting information in the History tab and limiting the chance of unauthorized or faulty devices slipping through at any given time.

Understanding whether the device is compliant and up-to-date

The service allows network admins to see more in-depth information on whether the endpoints comply with organization security requirements.

Tracking which operating system, OS version, and NordLayer application version are in use creates a more action-based cybersecurity strategy for the organization.

Giving access to block untrusted devices

Device Posture Security allows network administrators to reject untrustworthy devices from the company network.

If the admin sees that the device is jailbroken or rooted, lacks a specific organization-deployed file, or needs an update, they can require that action be taken outside the organization and allow the device in to access resources only once the endpoint can be trusted.

Preventing non-compliant devices from accessing your network

The NordLayer service gives the option to see any deviating devices in the network that became infected or outdated while connected.

However, taking action at the point of entry is just as important. Blocking a non-compliant device beforehand helps avoid backpedaling with uncertain consequences if such a device is detected after entering the network.

Entering NordLayer’s Device Posture Security

Device Posture Security makes your organization more robust against digital threats and brings it one step closer to implementing the ZTNA model in its cybersecurity strategy. The service's setup and deployment are straightforward, to help achieve this effectively.

NordLayer provides information about devices on the Control Panel. Device security check logs contain information such as timestamps of when the last check was done or a device deviation was detected, endpoint identification information, and its status. The device status is based on admin-defined rules the organization must comply with.

For comprehensive tracking, a device is either categorized as fully compliant or triggers an alert if it is unknown, runs a forbidden OS, needs a version update, or doesn't contain a specific file required by internal security policy. As predefined by a set of rules, any deviation prevents the device from accessing company resources.

Device posture security checks are performed regularly. If a device becomes non-compliant, an alert is triggered, and the user is disconnected from the Virtual Private Gateway. Such an action was unavailable with the Device Posture Monitoring service. With device account blocking, Device Posture Security provides extra protection for company data without additional labor and resources.
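The rule evaluation described above can be sketched as follows. This is an added example, not NordLayer's code or API: the profile fields, report format, device IDs, file path and version numbers are all hypothetical, and versions are assumed to be dotted numeric strings. It compares versions numerically, since a plain string comparison would rank 3.10.0 below 3.9.0 and flag an up-to-date device.

```python
from dataclasses import dataclass

def parse_version(text):
    """'3.10.0' -> (3, 10): numeric parts; trailing zeros dropped so 3.2 == 3.2.0."""
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

@dataclass
class PostureProfile:      # hypothetical policy shape, not NordLayer's schema
    allowed_os: dict       # OS name -> minimum OS version allowed
    min_app_version: str
    required_file: str     # marker file an admin places on corporate devices
    known_devices: set
    block: bool = True     # False = monitor only (alert, device stays connected)

def evaluate(profile, report):
    """Return (action, reasons) for one device report (a plain dict)."""
    reasons = []
    if report["device_id"] not in profile.known_devices:
        reasons.append("unknown device")
    min_os = profile.allowed_os.get(report["os"])
    if min_os is None:
        reasons.append("OS not allowed")
    elif parse_version(report["os_version"]) < parse_version(min_os):
        reasons.append("OS version outdated")
    if parse_version(report["app_version"]) < parse_version(profile.min_app_version):
        reasons.append("app version outdated")
    if profile.required_file not in report["files_present"]:
        reasons.append("required file missing")
    if report.get("rooted"):
        reasons.append("jailbroken/rooted")
    action = "allow" if not reasons else "disconnect" if profile.block else "alert"
    return action, reasons

# Constructed sample policy and device reports (all values are made up).
MARKER = "/etc/corp/device.marker"
PROFILE = PostureProfile({"macOS": "13.6"}, "3.9.0", MARKER, {"mac-001", "mac-002"})
REPORTS = [
    {"device_id": "mac-001", "os": "macOS", "os_version": "13.6.1",
     "app_version": "3.10.0", "files_present": [MARKER]},
    {"device_id": "mac-002", "os": "macOS", "os_version": "13.5",
     "app_version": "3.10.0", "files_present": [], "rooted": True},
    {"device_id": "lin-777", "os": "Linux", "os_version": "6.1",
     "app_version": "3.2.0", "files_present": [MARKER]},
]

for r in REPORTS:  # demo run over the constructed reports
    print(r["device_id"], *evaluate(PROFILE, r))
```

Setting `block=False` on the profile models the earlier monitoring-only behavior: the same deviations are reported, but the action is an alert rather than a disconnect.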


Head of Product

