Manual device enrollment?

ultravelocity · December 5, 2022, 8:24pm

We’d like to use Zero Trust Access to allow users to access servers via RDP from approved devices only.

Is there a way to manually approve device enrollments? We only want users to access from pre-approved devices, not from any other device.

We could use a certificate, but not sure how to tie this in to the enrollment and access policies (for RDP).

ultravelocity · December 5, 2022, 8:39pm

I’ll add that we looked at serial numbers (described in https://blog.cloudflare.com/zero-trust-with-managed-devices). However, some of our devices just return “System Serial Number” as the SN. I don’t see a way to restrict by Device ID.

ucdscott · January 22, 2024, 10:07pm

Zero Trust > My Team > Lists > Create manual list > List type > Device IDs

then

Zero Trust > Settings > Device Posture > Add new > Unique client ID

then

Zero Trust > Access > Applications > Configure > Policies > Configure > Require > Unique Client ID List > List of IDs from step 1.

Topic		Replies	Views
How to create Device Enrollment Policy based on Serial Nubmer Zero Trust	0	245	March 10, 2024
Zero trust client access to application Gateway	1	1338	December 27, 2022
Device enrollment issue Zero Trust	1	558	March 19, 2024
Zero trust device revoked, enrolment policies skipped on device re-enrolment Zero Trust	0	751	August 10, 2023
Need help in setting up zero trust for Self-hosted application Access CloudflareAccess , CloudflareZeroTrust , CloudflareGateway , ZeroTrust	3	3113	February 22, 2022

Manual device enrollment?

Related topics