2. Integrations

This document gives you a guideline how to integrate MetaAccess to your existing solution to enforce device posture check.

A few integration use cases include:

  • Add MetaAccess to your existing SSL VPN/NAC solution for checking prior to access to your network

  • Include MetaAccess as a feed into your RMM (Remote Monitoring & Management) platform for full visibility into the security and compliance state of your environment

  • Integrate MetaAccess into your existing MDM solution to assess the security and compliance state on new BYOD devices

Check out our existing integrations here

How does it work?

images/download/attachments/26171910/MetaAccess-Integration-181204-light%402x.png

MetaAccess agent runs on an endpoint and periodically checks compliance status of the device against a security baseline (policy) configured on your MetaAccess cloud. This compliance information for the endpoint is stored locally and also available from the MetaAccess cloud. Your solution uses the compliance information to make enforcement actions.

When a user accesses to your service, your solution needs to query MetaAccess via our OAuth API or use Custom Policy Check to check the device's compliant status. After getting device status, your solution then makes decision on granting access for the device and shows error messages to end-user in each use case.

You can use either device MAC address or device ID to query device health and compliance status via OAuth API. MetaAccess generates an unique identity for each device and offers multiple mechanisms to retrieve Device ID such as Brower Cookies, Client Certificate, and Cross-Domain API if endpoints are running persistent agents


A comparison of solutions to retrieve Device ID

 

Registry or p-list values

Browser Cookie

Client Certificate

Cross-domain API

Agent required

Yes

No

No

No

User right

admin

All

All

All

OS

Windows and macOS

Windows only

Windows and macOS

Windows and macOS

Reliability

High

Low

High

High

Browsers

All

IE, Firefox, Chrome

IE, Firefox, Chrome, Safari

All

Browser mode

All

Not support Incognito or In Private mode

All

All

User Interaction

No

No

Maybe

No

Security

High

Low

High

High

Can be deleted accidentally by user

No

Yes

No

No

MetaAccess also exposes a command-line interface that allows a user how to control the on-demand client is run.