Unified Access Gateway performs a risk check with Workspace ONE Intelligence. Based on the value, you can restrict access from risky devices.

Risk scoring is available for Horizon connections from Workspace ONE UEM managed devices. See Risk Scoring.

Prerequisites

Ensure that you have configured the Workspace ONE Intelligence connection.

Procedure

  1. Under Advance Settings, click the Endpoint Compliance Check Provider Settingsgearbox icon.
  2. Click Add.
    Note: If you have already added Workspace_ONE_Intelligence_Risk_Score as the endpoint compliance check provider, you can either edit the settings by clicking the gearbox icon or add new provider settings by deleting the existing one.
  3. Select Workspace_ONE_Intelligence_Risk_Score as the Endpoint Compliance Check Provider.
  4. Select the Workspace ONE Intelligence connection setting.
  5. Enter the Compliance Check Interval value.
    • Valid values (in minutes) - 5 to 1440
    • Valid values (in seconds) - 300 to 86400
    • Default value - 0

      0 indicates Compliance Check Interval (mins) is disabled.

    For more information about periodic compliance checks and Compliance Check Interval, see Time Interval for Periodic Endpoint Compliance Checks.

  6. To change the default value of the risk score severities and allow endpoints to access remote desktops and applications, click Show Allowed Risk Score Severities.

    Supported risk score severities: Low, Medium, High, and Others.

    By default, endpoint devices that have Low risk score are always allowed access.

  7. If you want to allow devices that have a risk score other than the default value, click to change from DENY to ALLOW.
    By default, endpoint devices with risk score severities other than LOW are denied.
  8. Click Save.

What to do next

  1. Navigate to Horizon settings, locate Endpoint compliance check provider text box, and select Workspace_ONE_Intelligence_Risk_Score from the drop-down menu.
  2. Click Save.