ZPA Device Posture for McAfee AV ENS On Access Scanning

ZPA Device Posture check can be used to check whether McAfee AV ENS On Access Scanning is enabled on a Windows endpoint before allowing the user to access private applications.

As described in this KB article from McAfee the registry key relating to McAfee OAS is as follows:

*HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\Endpoint\AV\OAS*

Where the value uOasWacState 1 indicates it is enabled, 2 is disabled.

This registry key and value can represented as a Device Posture check in Zscaler as shown in the screenshot, which can then be referenced in ZPA Access Policy:

1 Like