Skip to main content

Client Management Features

Client Insights Manager

Auto-Update

Always-On

The Always-On functionality allows your clients to be continuously connected to Lacework Edge, ensuring that secure policies are always enforced.

We recommend the following configurations.

macOS

  1. Configure Lacework Edge using MDM with the Always-On profile.
  2. Configure Guest User mode to enforce basic policies when a user is not logged into the client.

Windows (AzureAD domain joined)

  1. Configure Azure AD Transparent SSO.
  2. Enable Anti-Tamper.
  3. Enable Always-On

Guest User mode is optional.

Windows (non-AzureAD)

  1. Enable Anti-Tamper.
  2. Enable Always-On
  3. Configure Guest User mode to enforce basic policies when a user is not logged into the client.

Anti-Tamper (Windows only)

The Anti-Tamper feature configures clients to prevent non-administrator users on a machine from disabling Lacework Edge, or modifying its settings.

Administrators are allowed to alter the settings to recover from a broken installation or mis-configuration.

This feature is enabled by a server side setting.