sendnrw/netbird-docs
2
0
Fork 0
mirror of https://github.com/netbirdio/docs.git synced 2026-05-02 23:36:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Crowdstrike ZTA description (#181)

Browse Source
This commit is contained in:
Zoltan Papp
2024-04-19 19:57:30 +02:00
committed by GitHub
parent fe6878c2ca
commit 52d4355d62
5 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/pages/how-to/endpoint-detection-and-response.mdx
View File

@@ -1,4 +1,4 @@
# Endpoint Detection and Response (EDR)
# Endpoint detection and response (EDR)
Endpoint Detection and Response (EDR) is a cybersecurity technology designed to help organizations detect, investigate,
and respond to threats on endpoint devices. An endpoint is any device that is connected to a network, such as laptops,
@@ -12,6 +12,9 @@ NetBird integrates with major EDR platforms to restrict network access only to d
With the integration enabled, NetBird synchronizes the list of devices managed by the EDR platform via the API and
checks the presence of the EDR agent on the device, blocking access to the network if the agent is not installed.
In addition to the aforementioned features, the system also has the capability to check the Zero Trust Assessment (ZTA) score of the hosts.
The system can limit network access based on this ZTA score. For instance, if a device has a ZTA score below the set threshold, it may be deemed too risky and thus, denied access to the network.
NetBird doesn't apply the EDR checks to all devices in the network. Instead, you can select specific groups of devices for
the checks to apply.
@@ -31,6 +34,7 @@ Before you start creating and configuring a CrowdStrike integration, ensure that
- Navigate to the [API clients and keys](https://falcon.eu-1.crowdstrike.com/api-clients-and-keys/) page
- Click `Create API client` at the top, right corner
- Set Hosts - Read permission
- Set Zero Trust Assessment - Read permission
- Click `Create`
- Copy the credentials. You will need these credentials when configuring an integration in NetBird.
@@ -50,13 +54,14 @@ Before you start creating and configuring a CrowdStrike integration, ensure that
<p>
<img src="/docs-static/img/how-to-guides/crowdstrike-credentials.png" alt="crowdstrike-credentials" className="imagewrapper"/>
</p>
- Select groups you want to apply the integration to and click `Connect`.
- Select groups you want to apply the integration to
- If you would like to apply a ZTA threshold, then enable the [Zero Trust Assessment Score](https://www.crowdstrike.com/blog/tech-center/securing-private-applications-with-crowdstrike-zero-trust-assessment-and-aws-verified-access/) and set the desired limit, and click `Connect`.
<p>
<img src="/docs-static/img/how-to-guides/crowdstrike-groups.png" alt="crowdstrike-groups" className="imagewrapper"/>
<img src="/docs-static/img/how-to-guides/crowdstrike-groups-zta.png" alt="crowdstrike-groups-zta" className="imagewrapper"/>
</p>
<Note>
The EDR check will apply only to machines in the selected groups and will require the presence of the CrowdStrike agent.
The EDR check will apply only to machines in the selected groups and will require a running CrowdStrike agent.
</Note>
<Note>
You can also use groups [synchronized from your Identity Provider (IdP)](/how-to/idp-sync).