Skip to content

Device ID

Device ID Access control

Use Device ID-based access control to restrict the access of HySecure from the specified set of machines, say corporate machines only, i.e., restrict users logging in from the specified machines only.

Device ID-based Authentication can be used to:

  1. Restrict users to logging in from the corporate machines or tablets.

  2. Restrict users to logging in from single or multiple machines.

  3. Restrict users to logging in only from specific locations like branch offices.

  4. Restrict users to logging in from certain countries or locales.

  5. Restrict access if the user is using an Internet proxy by detecting the actual location of the user.

Important Terms / Actions

Device ID

A device ID is a unique signature created by HySecure Gateway for each device that connects to it. The HySecure Portal and Client collects the hardware details of the user device and sends it to the Gateway. The Gateway, in turn, stores the information and registers the device if the policy is set to allow that.

A device ID can be formed using the following parameters:

  1. IMEI (only for tables/smartphones with SIM cards)

  2. Serial No. (only for tablets and smartphones)

  3. CPU ID

  4. Motherboard ID

  5. HDD ID

  6. MAC Addresses

  7. IP Addresses

  8. Default Gateway

  9. Regional Settings

  10. Locale

  11. Detected and Received WAN IP Address

  12. Device Type

  13. Browser ID

  14. Browser Type

Administrators can choose from the above list and include it in the device ID. Some of the parameters, when included in the device signature, can affect the user's mobility.

Device Registration Process

The registration process is completely automated. Device ID can be enabled based on the user groups. When the user is a member of the group for which the Device ID is enabled, the device signature gets registered for the device from which the user has logged in.

If Auto approval is enabled i.e., ON, the user can start working immediately. If Auto approval is off, the user device is registered, but the user cannot access the applications until the administrator reviews and approves the registered device and the device for the user. If SMTP is configured on the HySecure server, then the administrator will get an email notification for device registration.

Manage Registered Devices

HySecure administrator can log in to the HySecure and review, approve, block, or manage the device registrations.

Configuration Workflow

This section describes the workflow for creating a Device ID type of Access Control.

  1. Ensure that the Application Group containing the applications which are to be published has been created.

  2. Check the "Enable collection of device fingerprint details from user device" option from Policies > Client Profiles.

  3. Create an Access Control of the type "Device ID" and assign the User/User Groups, along with the Device ID parameters which need to be enforced for logging in to the HySecure Gateway.

Device ID Preference

If multiple Device ID based Access Controls are configured then the first matching Access Control is applied.