/
Tamperproof

Tamperproof

The Barracuda SecureEdge Tamperproof feature provides an easy way to protect against unauthorized or accidental tampering with the SecureEdge Access Agent app installation, security policy, and app settings on endpoints. When you enable Tamperproof on a device, the user will no longer be able to do the following: disable the SecureEdge Access Agent or unenroll the Access Agent, In other words, the Tamperproof feature hides the quit, unenroll, and disable options on the SecureEdge Access Agent app. You can override the SecureEdge access settings and create settings on a user level. Note the different behavior depending on the OS as described in the Operating System Specifics section below.

Configure Tamperproof

  1. Go to Access > Enrolled Users.

  2. Click the Settings icon next to the enrolled user.

  3. In the Access Settings section, you must first enable User Override for a specific user before configuring individual settings for Tamperproof. Specify values for the following: 

    • User Override – Click to enable/disable.

      • If User Override is enabled, specify values for the following:

        • Tamperproof –  Click to enable/disable. Turning this setting on applies Tamperproof protection to all enrolled devices. 

          • If Tamperproof is enabled, the user will no longer be able to do the following: 

            • Disable the SecureEdge Access Agent

            • Unenroll 

          • If Tamperproof is disabled, all of the above-mentioned features are available to the user. 

      • If User Override is disabled, users cannot override the SecureEdge Access settings. 

  4. Click Save.

For devices running iOS, iPadOS, or Android, an MDM solution is required.

Operating System Specifics

  • Windows – With Windows, the SecureEdge Access Agent app automatically starts on Windows startup. To prevent uninstallation and stopping of the agent by the user, install the process as an administrator and assign user-level access to the end user.

  • macOS – Requires an MDM solution and deployment of the .mobilconfig and .plist files, which enable SecureEdge Access to automatically start on the endpoint and prevent the agent from being stopped by the user. The .mobilecconfig file is set to prevent the VPN profile from being uninstalled and to make sure that the user cannot bypass web filtering by recreating a connection on the VPN when a connection is initiated. The .plist file is used to restart the SecureEdge Access Agent app if it is closed.

 

We value your feedback.
If you have questions, suggestions, or feedback on our documentation, contact the Campus Product Documentation team.
For general product inquiries or technical support, please contact the global Barracuda Support team.