About Device Posture

Device Posture helps you to protect your applications and reduce security risks. It lets you establish trust in devices that comply with security policies and deny access to devices that don't meet security criteria. In the Enterprise Center you can add device posture capabilities like tiers, tags, versions, and certificate profiles. You can also integrate with external signals after enabling device posture in the identity provider and configuring a client-access application.
Use the EAA Device Posture features on both computer and mobile devices. EAA Device Posture is a key feature of the Enterprise Application Access (EAA) for user access to enterprise applications, and a valuable component of the ‚ÄčAkamai‚Äč Zero Trust model. Device Posture is not aimed at identifying determined bad actors or devices. Instead, Device Posture complements and enhances existing EAA authentication, authorization, access control rules, and reporting capabilities, providing additional context about the device posture and a device risk assessment to better inform application access policy. Since applications vary in level of sensitivity and value, such access policy in EAA is evaluated on an individual application basis.
On a regular basis, Device Posture captures signal data from devices in the environment. Using this information, you can analyze, understand, and improve overall application security by augmenting existing application access control list (ACL) with rules that account for the device posture and associated risk. Device Posture helps to ensure that the devices accessing applications satisfy the necessary security requirements.
Monitor device properties with Device Posture to be able to apply adaptive application security controls based on the assessed risk and posture of the devices accessing these applications. Device Posture does not improve the security of a device; it does, however, use the collected information to help administrators improve the security of applications.

With Device Posture you can:

  • Capture device signals. Device Posture collects security-related device data, such as OS and browser version, disk encryption and antivirus status. With this data you can define and enforce application access control policies.

The table below contains signals and information collected from desktop and mobile devices and reported to the back end systems.

Desktop devicesMobile devices
Anti-malware characteristics
Certificate characteristics
Device name and ID
Device local user and IdP username
Device signal last update time
Disk encryption status
EAA Client version and status
EAA Client status
Installed web browser(s) and versions
OS version
Signal update time
System firewall status
Additional signals collected from third-party integrations (respective product licenses are required)
Biometrics status
Device name and ID
EAA Client version
IdP username
Jailbreak status
OS and version
Screen lock status
Signal last update time
  • Assess device risk. You can create a device risk assessment profile based on signals collected from each device. This data allows you to evaluate the device risk status and build a risk database for analysis. See Configure device risk assessments.

  • Control devices that access enterprise applications. You can create policies that classify devices into low, medium, high-risk tiers and set rules to include a selected set of devices into a specific tag. With tiers and tags you can apply access control rules (ACLs) customized per application. See Control access to applications.

  • Collect additional signals with CrowdStrike, ETP, and VMware Carbon Black integrations. ‚ÄčAkamai‚Äč ‚ÄčEnterprise Threat Protector‚Äč (ETP) provides you with a list of compromised devices on an hourly basis. CrowdStrike Falcon sensor collects additional data that you can apply to the EAA application access control rules. VMware Carbon Black Predictive Security Cloud also collects additional data that you can apply to EAA application access control rules. Those integrations improve endpoint security and help you to protect your organization against cyberattacks. See Integrate with ETP, Integrate with CrowdStrike, and Integrate with VMware Carbon Black.

  • Monitor and analyze the posture of devices. The Device Posture dashboard provides you with an overview of devices health. As an administrator you can also filter device inventory and history data, prepare reports and troubleshoot issues. See Device Posture dashboard and Device Posture reports.

  • Receive remediation and notification messages. When a device is denied access to an application because of device posture, the end user receives a notification explaining the reason why this device was blocked. Remediation messages provide end users with a corrective action to take, which lets them resolve device issues and reduces calls to the help desk. See Check device posture remediations, signals and update Client.

Access the EAA Device Posture from ‚ÄčAkamai Control Center‚Äč

  1. Log in to ‚ÄčAkamai Control Center‚Äč.

  2. Go to ‚ėį > ENTERPRISE SECURITY > Enterprise Center.

  3. You can find Device Posture capabilities in the following areas of the Enterprise Center navigation menu:

    1. Click Dashboard > Device Posture to see the summary of security posture of your corporate devices. The Device Posture dashboard is interactive and lets you redirect to filtered reports.

    2. Click Application Access > Reports and choose between device history, device inventory and device saved reports. In this section, you can create and review your reports.

    3. Click Application Access > Device Posture to configure your Device Posture configurations.