Set client acess method
HySecure's access control management interface allows creating access controls with the following access control methods.
- Device ID fingerprinting based access control to User groups -- Device ID access controls will restrict access of VPN gateway to user groups based on matched criteria of end user machine device finger prints.
- Endpoint Connectivity Based Access Controls to User groups - Based on this policy, Administrator can control Internet access, and close all active connections if users are connected to VPN gateway.
Device ID Based Finger Printing
Device ID based finger printing feature added in this release will capture necessary details from the client machine running the HySecure client software. The Device ID is a unique set of numbers and letters generated and allotted by hardware manufacturers for identifying their device. Administrator can create access control for user groups based on Device ID fingerprinting.
Parameters covered under device fingerprint:
| Parameter | Description |
|---|---|
| OS type | Client Operating System details |
| Mother Board ID | ID of Mother board |
| CPU ID | ID of CPU |
| MAC ID | MAC Address of LAN card |
| Hard disk ID | ID of Hard disk |
| IMEI number | IMEI Number of the device (For Android and iOS based Devices) |
| Received WAN IP Address | WAN IP address received on Server sent by client. This can be different than original IP address if client browser is proxy configured. This option can be disabled using preference on the server side. |
| Detected WAN IP address | WAN IP address detected by server where WAN packets are terminating at Firewall or Router. This is the WAN IP address SSL VPN client is receiving from SSL connection. |
| Device Type | Will show the device type |
| Browser Type | Will display browser name |
| Browser ID | Will display browser ID |
| Region | Client machine regional Settings |
| Time zone | Time zone of end user machine |
| Locale | Language which sets on client machine. |
| Default gateway | Default gateway address of Client machine |
| Network Card Manufacturer | Name of NIC card manufacturer |
Device ID Based Access Controls
Administrators can create Device ID based access controls from Accops HySecure Management Console \ Access Management \ Access controls\ Create access controls ** Select access control type as Device ID.**
When a user logs in to HySecure server for the first time, HySecure client will scan device finger prints and will send them to server. Administrator can select single or multiple Device ID parameters for creating access control. Administrator can also mention number of per user device ID signatures. For instance, if administrator selected 3 device ID signatures, User can login into HySecure server from maximum of three different End user machines / devices.
Automatically approve devices:
Administrator can control allowing device access by manual process or automatically. All scanned Device ID details are stored in database and administrators can allow or deny access. Captured Device ID details can be found under Management console \ End point Management \ Device Management.
