Skip to content

Kolide

Cloudflare Zero Trust can integrate with Kolide to require that users connect to certain applications from managed devices. This service-to-service posture check uses the WARP client to read endpoint data from Kolide. Devices are identified by their serial numbers.

Prerequisites

  • Kolide agent is deployed on the device.
  • Cloudflare WARP client is deployed on the device. For a list of supported modes and operating systems, refer to Service providers.

Set up Kolide as a service provider

1. Create a Client Secret in Kolide

  1. Log in to your Kolide dashboard.
  2. Select your profile and go to Settings > Developers.
  3. Select Create New Key.
  4. Enter a Key Name and select Save.
  5. Copy the Secret token to a safe place. This will be your Client Secret.

2. Add Kolide as a service provider

  1. In Zero Trust, go to Settings > WARP Client.
  2. Scroll down to Device posture providers and select Add new.
  3. Select Kolide.
  4. Enter any name for the provider. This name will be used throughout the dashboard to reference this connection.
  5. Enter the Client secret you noted down above.
  6. Choose a Polling frequency for how often Cloudflare Zero Trust should query Kolide for information.
  7. Select Save.

You will see the new provider listed under Settings > WARP Client > Device posture providers. To ensure the values have been entered correctly, select Test.

3. Configure the posture check

  1. In Zero Trust, go to Settings > WARP Client > Service provider checks.
  2. Select Add new.
  3. Select the Kolide provider.
  4. Configure a device posture check and enter any name.
  5. Select Save.

Next, go to Logs > Posture and verify that the service provider posture check is returning the expected results.

Device posture attributes

Device posture data is gathered from the Kolide K2 API.

SelectorDescription
Issue countTotal number of issues detected on the device