Device and platform restrictions

I am new. Where should I start?

Purpose

The Device OS access control allows organizations to:

• Restrict access to specific device platforms

• Allow access only from approved operating systems

• Block insecure or unsupported device types

• Enforce security policies based on device compliance

This helps improve overall security by ensuring users only access systems from trusted platforms.

Prerequisites

Before configuring device-based access control, make sure:

• You have Admin or Security Management permissions

• An Access Security policy can be created or edited

• You know which device OS platforms should be allowed or denied (for example: Windows, macOS, iOS, Android)

I already understand. How do I proceed step by step?

Step 1: Create a New Access Security Policy

• Sign in as an administrator : Oten Admin | Security Policy & User management

• Profile Account → Admin

• Welcome page Admin

• Click on menu Security Policy → Access Security

• Click button Create access security

Step 2: Add an Access Security Rule

1. In the Access Security Rules section, select Add rule

2. A new rule (for example, Rule 1) will be created

Step 3: Configure Device OS Condition

1. Under the rule, select Add condition

2. Choose Device OS

Step 4: Select Policy Mode

Choose how the selected device OS should be treated:

Whitelist / Allow

• Users with the selected device OS will have access

• Recommended when you want to explicitly allow only trusted platforms

Example:

• Allow access only from Windows and macOS

Blacklist / Deny

• Users with the selected device OS will not have access

• Recommended when you want to block specific platforms

Example:

• Deny access from Android devices

Step 5: Select Device Operating System

1. In the Device OS field, select one or more platforms

2. Multiple OS types can be added depending on policy requirements

Step 6: (Optional) Add More Conditions

• Select Add condition to combine Device OS with other controls such as:

  • IP address or IP range

  • Location

  • Device compliance

• Conditions within the same rule are evaluated together

Step 7: Create Access Security Policy

1. Review all configured rules and conditions

2. Select Create access security to save and activate the policy

Result

• User access is evaluated based on their device operating system

• Access is granted or denied according to the configured policy mode

• Policies are enforced during sign-in and access attempts

Additional Notes

• If Whitelist / Allow is used and no OS is matched, access will be denied by default

• If Blacklist / Deny is used, only the selected OS platforms are blocked

• Device OS detection depends on client and browser capabilities

• For higher security, combine Device OS rules with MFA or IP-based controls

Summary

• Device OS access control helps secure systems by platform

• Supports both allowlist and denylist models

• Can be combined with other access security rules

• Suitable for both enterprise and high-security environments