3.2.1.3.3. Enroll a device

Access is enforced via the OPSWAT client. If users are not already running the client, you will need to provide it to them. If users already have the client installed, you will need to enable the Secure Access feature.

Enroll Corporate Devices that do NOT yet have the OPSWAT Client Installed

Authenticates to SDP with corporate credentials validated against a SAML provider.

  • SDP admin clicks the “+Device” button

  • This spawns a download button dialogue for the OPSWAT Client with options

  • If you want endpoints automatically assigned to a SDP management group, you can check the relevant box and choose the appropriate group from the dropdown.

  • Click “DOWNLOAD OPSWAT CLIENT FOR DISTRIBUTION” to save the client locally for distribution vie endpoint management (SCCM, MDM, etc.)
    images/download/attachments/2575478/opswat-client-download.png

  • Once the client is installed, users can navigate to their SAML provider’s dashboard and launch SDP via a widget. The example below shows a JumpCloud application. If this part doesn’t make sense, please check out 3.2.1.3.1.1. Configure SAML authentication for end users
    images/download/attachments/2575478/jump-cloud-widget.png

  • Alternately, a SAML authentication prompt will spawn whenever the user attempts to access a protected web application.

All steps up to “DOWNLOAD OPSWAT CLIENT” can be repeated with different dropdown options if you need to enroll devices into multiple SDP groups.

Add SDP to Endpoints Already Running the OPSWAT Client

Your organization is already using the MetaAccess client and you are pushing Secure Access (SDP) to your existing users.

  • Navigate to Inventory > Device Groups and click the group you want to manage
    images/download/attachments/2575478/device-groups.png

  • Check off “Enable SDP” and enter your PIN. Then update the “Assigned Policy” and “Assigned Rebranding Package” dropdown options if desired.

  • Click Add Devices to Group
    images/download/attachments/2575478/add-device-to-group.png

  • On the resulting page, search for your endpoint(s) by IP or MAC address, Machine Name or Device ID.

  • Check off the ones you want to add and click the “Add Devices To Group” button.
    images/download/attachments/2575478/add-device-to-group-01.png

  • The OPSWAT Client will install SDP automatically.

  • Once installed, SDP will prompt the end user automatically for SAML authentication.