Kolide
Cloudflare Zero Trust can integrate with Kolide to require that users connect to certain applications from managed devices. This service-to-service posture check uses the WARP client to read endpoint data from Kolide. Devices are identified by their serial numbers.
Prerequisites
- Kolide agent is deployed on the device.
-
Cloudflare WARP client is deployed on the device. For a list of supported modes and operating systems, refer to Service providers.
Set up Kolide as a service provider
1. Create a Client Secret in Kolide
- Log in to your Kolide dashboard.
- Select your profile and go to Settings > Developers.
- Select Create New Key.
- Enter a Key Name and select Save.
- Copy the Secret token to a safe place. This will be your Client Secret.
2. Add Kolide as a service provider
- In Zero Trust ↗, go to Settings > WARP Client.
- Scroll down to Third-party service provider integrations and select Add new.
- Select Kolide.
- Enter any name for the provider. This name will be used throughout the dashboard to reference this connection.
- Enter the Client secret you noted down above.
- Choose a Polling frequency for how often Cloudflare Zero Trust should query Kolide for information.
- Select Save.
You will see the new provider listed under Settings > WARP Client > Third-party service provider integrations. To ensure the values have been entered correctly, select Test.
3. Configure the posture check
- In Zero Trust ↗, go to Settings > WARP Client > Service provider checks.
- Select Add new.
- Select the Kolide provider.
- Enter any name for the posture check.
- Configure the attributes required for the device to pass the posture check.
- Select Save.
- To test, go to Logs > Posture and verify that the service provider posture check is returning the expected results.
You can now use this posture check in a device posture policy.
Device posture attributes
Device posture data is gathered from the Kolide K2 API ↗.
Selector | Description |
---|---|
Issue count | Total number of issues detected on the device |