Scense

Full Version: Criterion / Action: deviceTRUST integration
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
deviceTRUST is a (3th party) product that allows to expose client device parameters in a remote desktop infrastructure (RDS and VDI: Citrix XenApp/XenDesktop, VMWare View, Microsoft RDS...) to the virtual desktop. Based on this information access (allow login), applications and behavior can be limited.

In general only the username and possibly the remote machinename/IP are exposed. Using deviceTRUST the complete configuration, for example security status (virusscanner up to date, firewall, ...?), network status (are you inhouse, on a wired/wifi connection including SSID) and even location (only trusting EU or VS, or also Nigeria).

This information is determined during logon/reconnect, but also updated (triggered or timed updated).
Whenever a status is changed, an application can be triggered, allowing to respond to the change. If for whatever reason for example the firewall is disabled (virus?), you could identify this as an insecure client device and disconnect. Or when connecting from a remote location/not inside the office, only non-privacy sensitive applications/data is available.

Scense and deviceTRUST
To be able to manage this a Workspace Management Tool can ease the way the environment should respond to changing criteria.
Actually: That is it is made for, so why try to strugle with those scripts?

What is in the downloads?
In the downloads you will find some criteria that allow you to easily respond to information exposed by deviceTRUST.
- Installed trigger (is deviceTRUST installed on the host/client device?)
- Value check (Criteria to check for a specific condition)
- Combined checks (Some simple status checks that for example check if the client device is 'trusted' by the Action Centre)

At last there is a "Sample trigger application" (host)
This application defines a trigger source, that will handle deviceTRUST 'status changed' updates. It will also register itself as the trigger handler upon computer startup. The only thing not included is the install of the host service. Please check deviceTRUST for the latest version and add this yourselves.

For more information on deviceTRUST, please visit their website: http://www.devicetrust.com