In the ZTP Cloud Console, go to Services > Risk Engine and click + Add New.
Enter a name and description for the new risk rule, select an adapter, and provide the required connection information.
NOTE
Most adapters require a client ID and client secret from the third-party service provider to allow the Risk Engine to access that service.
Click Save.
ZTP displays a default risk mapping—a conversion table that translates incoming data into AppGate risk levels. The following image shows the risk mapping for the OS Checker adapter. To modify the risk mapping, go to the Risk Mapping tab of the risk rule and click Edit Risk Mapping.
Before saving changes, you can preview the percentage of users that will fall under each risk range based on the current risk mapping values. Click Test in the upper right corner of the screen and review the Risk Rule Mapping Prediction.
To view detailed mapping prediction information for each protected device, click Download Details in the lower left corner of the Risk Rule Mapping Prediction window. The download includes the following fields:
Device ID
Username
IdP
Timestamp
Result
Current risk score
Client type
Client version
OS
Agent IDs
Hostname
MAC addresses
Test risk score
Click Save.
To edit the main properties or delete a risk rule, click Actions in the upper right corner.
