- Auto updates of Operating System (OS)
If you're using Device posture on Ubuntu, automatic detection of OS upgrades is possible only if configured with
apt unattended-upgrades package See AutomaticSecurityUpdates in Ubuntu documentation.
- Device Certificates
Device certificates are detected for certificate profiles only if they are configured in these two forms:
Using the NSS-Shared DB in Linux Cert Management.
a.The private key must be added as an identity and must show up when you run
certutil -d sql:$HOME/.pki/nssdb -K
b. A certificate must exist with the same alias as the private key from the above command.
Certificates are stored as flat files in a directory.
$HOME/.certsdirectory is supported.
b. Only container formats with these extensions are supported, .p12, .pfx
c. If the organization manages certs and keys separately, EAA supports the following formats - .key for private keys and .crt for certificates
d. For private keys, EAA only supports PKCS1 and PKCS8 private keys encoded in PEM format. EAA supports rsa, ecdsa, and ed25519 private keys
e. For certificates, EAA supports any PEM encoded valid x509 certificate.
SIA integration is not supported.
On Ubuntu, anti-malware products that are managed by systemd, and can be queried using systemctl command are supported. Supported systemctl command and systemd services are:
|systemctl command||systemd service|
Firewall status - On Ubuntu, Uncomplicated Firewall (UFW) is supported. See UncomplicatedFirewall in Ubuntu documentation. Uncomplicated firewall manages IP table rules. IP table rules can be added independently bypassing Uncomplicated Firewall.
Installed browsers - For Ubuntu, browsers are detected only if they are installed with dpkg or snap. Other installation methods including moving a binary into the path or manual configuration is not detected.
Dpkg detection is possible for the following:
Snap detection is possible for the following:
Updated 9 months ago