Skip to content

Device ID

Device ID Access control

Use Device ID based access control to restrict the access of HySecure from the specified set of machines only say corporate machines only i.e. restrict users log in from the specified machines only.

Device ID based Authentication can be used to:

  1. Restrict users to log in from the corporate machines or tablets.

  2. Restrict users to log in from single or multiple machines.

  3. Restrict user to log in only from the specific locations like branch offices.

  4. Restrict users to log in from the certain countries or locale.

  5. Restrict access if the user is using Internet proxy by detecting actual location of the user.

Important Terms / Actions

Device ID

A device ID is a unique signature created by HySecure Gateway for each device that connects to it. The HySecure Portal and Client collects the hardware details of the user device and sends it to the Gateway. The Gateway in turn stores the information and registers the device if the policy is set to allow that.

A device ID can be formed using following parameters:

  1. IMEI (only for tables/smartphones with SIM card)
  2. Serial No. (only for tablets and smartphones)
  3. CPU ID
  4. Motherboard ID
  5. HDD ID
  6. MAC Addresses
  7. IP Addresses
  8. Default Gateway
  9. Regional Settings
  10. Locale
  11. Detected and Received WAN IP Address
  12. Device Type
  13. Browser ID
  14. Browser Type 15 And more..

Administrators can chose from the above list and include in the device ID. Some of the parameters when included in the device signature, can effect user's mobility.

Device Registration Process

The registration process is completely automated. Device ID can be enabled based on the user groups.
When the user who is the member of the group for which the Device ID is enabled, the device signature gets registered for the device from which user has logged in.

If Auto approval is enabled i.e. ON, the user can start working immediately. If Auto approval is Off, the user device is registered but user cannot access the applications until the administrator reviews and approves the registered device and the device for the user. If SMTP is configured on the HySecure server then administrator will get email notification for device registration.

Manage Registered Devices

HySecure administrator can log in to the HySecure and review, approval, block or manage the device registrations.

Configuration Workflow

This section describes the workflow for creating a Device ID type of Access Control.

  1. Identify the User / User group for whom the Access Control needs to be made implemented. The set of users will either be:

    1. part of an Authorization Server associated with an Authentication Domain which is attached to a HySecure Domain OR

    2. part of a High / Low Security native User Group OR

    3. a High / Low Security native User

  2. Ensure that the Application Group containing the applications which are to be published has been created.

  3. Check the "Enable collection of device fingerprint details from user device" option from Policies > Client Profiles.

  4. Create an Access Control of the type "Device ID" and assign the User/User Groups, along with the Device ID parameters which need to be enforced for logging in to the HySecure Gateway.

Device ID Preference

If multiple Device ID based Access Controls are configured then the first matching Access Control is applied.