Host Checker Remediation - Is it possible to apply a different role based on a host checker policy?
We are looking to move some of our ASA based IPSEC VPN clients over to PulseSecure. We currently have a couple of checks on that system that we use to verify if they are connecting from a company owned machine or a personal machine. The checks are a registry key and a Windows/Mac process. If it's a company machine they get full access to the network. If it's a personal machine they get limited access to the network. Is this possible with PulseSecure?
Re: Host Checker Remediation - Is it possible to apply a different role based on a host checker poli
@woodyak Yes, we need to configure HC policy with registry check rule and apply the policy under the user realm as "Evaluate only", and then create role mapping rules to assign full or limited access roles based on the HC results.
Custom expressions type role mapping rules have to be created. Expression named "hostCheckerPolicy = <Policy name>"