OnGuard is a software agent that performs posture assessments while BYOD is connected to eduroam or the wired network on campus.
When devices with OnGuard installed connect to the University network, the OnGuard agent reports basic information to the University’s network about the device's security health, including Cortex XDR status, operating system version, firewall status, and disk encryption status. This essential security information is similar to what university-owned endpoints report through their Enterprise Endpoint Management systems.
Once OnGuard reports a healthy status to the network and the device is authenticated with employee credentials, the device will be allowed into the Medium Risk (Level 3) network to access internal medium-risk services. A university-owned and managed device is required to access High Risk (Level 4) or Research (Level 5) network resources.
This service is intended for University employees that need to access network restricted medium risk data from a personally owned computer (BYOD).
ClearPass OnGuard is available for installation on Windows and macOS. Support for various Linux distributions will be coming soon.
To install ClearPass OnGuard, please follow the OnGuard Installation Guide.
Once OnGuard is installed, you may need to follow additional steps to remediate security issues. Please review the Personal Device Security Checklist for more information on security best practices and remediation steps.
Data Usage and Privacy
The OnGuard Application reports basic inventory data to Aruba ClearPass to perform posture assessments for elevated network access. The data collected is limited to:
- Device information including operating system, MAC address, and serial number.
- Device security settings including disk encryption, firewall, and auto-update preferences.
- Cortex XDR Application installation and version.