Device attributes collected by Endpoint Verification

Stay organized with collections Save and categorize content based on your preferences.

This document describes the details of device attributes that are collected by Endpoint Verification from the devices accessing your organization's resources.

Device attributes

The following table describes the attributes that are collected by Endpoint Verification that you can use to create access levels:

Attribute name Description Supported OS Example of using the attribute in the CEL expressions
is_secured_with_screenlock A boolean value that indicates whether the screen lock function is enabled on a device.
  • Mac
  • ChromeOS
  • Windows
  • Linux
device.is_secured_with_screenlock == true
encryption_status

The encryption status of a device. Possible values:

  • ENCRYPTION_UNSPECIFIED = 0 indicates that the encryption status of the device is not specified or not known.
  • ENCRYPTION_UNSUPPORTED = 1 indicates that the device does not support encryption.
  • ENCRYPTION_UNENCRYPTED = 2 indicates that the device supports encryption, but is not encrypted.
  • ENCRYPTED = 3 indicates that the device is encrypted.
  • Mac
  • ChromeOS
  • Windows
  • Linux
device.encryption_status == DeviceEncryptionStatus.ENCRYPTED
os_type

The operating system running on a device. Possible values:

  • OS_UNSPECIFIED = 0 indicates that the operating system of the device is not specified or not known.
  • DESKTOP_MAC = 1
  • DESKTOP_WINDOWS = 2
  • DESKTOP_LINUX = 3
  • DESKTOP_CHROME_OS = 6
  • Mac
  • ChromeOS
  • Windows
  • Linux
device.os_type == OsType.DESKTOP_MAC
os_version The version of the operating system running on a device.
  • Mac
  • ChromeOS
  • Windows
  • Linux
device.os_version == "12.5.0"
verified_chrome_os A boolean value that indicates whether the request comes from a device with a verified ChromeOS. ChromeOS (only for enterprise-enrolled devices) device.verified_chrome_os == true
model The model of a device.
  • Mac
  • Windows
  • Linux
device.model == "MacBookPro16,1"
is_managed_browser_profile A boolean value that indicates whether the Chrome content area account associated with a device matches its Chrome profile account.
  • Mac
  • ChromeOS
  • Windows
  • Linux
device.is_managed_browser_profile == true
certificates Attributes of the certificates associated with a device. For example, Enterprise certificates.
  • Mac
  • ChromeOS
  • Windows
  • Linux
device.certificates.exists(cert, cert.is_valid && cert.root_ca_fingerprint == "SOME_ROOT_CA_FINGERPRINT")
windows_domain_name The domain name of a windows machine. Windows device.clients["bce"].data["windows_domain_name"] == "GOOGLE"
is_os_native_firewall_enabled A boolean value that indicates whether the operating system's built-in firewall is enabled on a device.
  • Mac
  • ChromeOS
  • Windows
  • Linux
device.clients["bce"].data["is_os_native_firewall_enabled"] == true
is_secure_boot_enabled A boolean value that indicates whether the secure boot option is enabled on a device. Windows device.clients["bce"].data["is_secure_boot_enabled"] == true
av_installed A list of antivirus software products that are installed on a device. Windows device.clients["bce"].data["av_installed"].exists(x, x == "mcafee") == true
av_enabled A list of antivirus software products that are installed and enabled on a device. Windows device.clients["bce"].data["av_enabled"].exists(x, x == "mcafee") == true
hotfixes A list of hotfixes that are applied on Windows systems. Windows device.clients["bce"].data["hotfixes"].exists(x, x == "KB0001") == true

Device identity attributes

The following table describes the attributes that are collected by Endpoint Verification that you can use to identify devices:

Attribute name Description Supported OS
Serial number The serial number of the device.
  • Mac
  • ChromeOS (only for enterprise-enrolled devices)
  • Windows
  • Linux
Hostname The hostname of the device.
  • Mac
  • Windows
  • Linux
Device ID The unique identification number associated with the device.
  • Mac
  • Windows
  • Linux
Wifi MAC Address The MAC address of the device.
  • Mac
  • ChromeOS
  • Windows
  • Linux

What's next