Only one Device Fingerprint rule is allowed per Access Manager Appliance setup. If you make any change in the Device Fingerprint rule, the change is applicable to all risk policies that use this rule.
Perform the following steps to configure a Device Fingerprint rule:
Click Policies > Risk-based Policies > Rules > New.
Click the Create Rule icon.
Specify a name for the rule and then select Device Fingerprinting Rule in Rule Definition.
Specify the following details:
Valid for: Specify the number of days for which you want to use the stored fingerprint.
Store Fingerprint in: Select any one of the following options:
Browser: To store the fingerprint in the browser cache on the device.
Server: To store the fingerprint in the configured risk-database. You can use this option only in risk-based post-authentication scenarios. To store the fingerprint in risk-database, you must enable storing the user history in the User History tab. (Policies > Risk-based Policies > User History).
NOTE:Storing a fingerprint in Built-in Data Store (Bundled eDirectory) is not supported.
For more information, see Section 6.2, Understanding Device Fingerprint Parameters.
Fingerprints stored per user: Specify the number of fingerprints you want to store per user. This option is applicable only when you select Server to store fingerprints. The permissible value is 1 to 20.
Click Parameter Settings if you want to modify the default settings. For information about parameters, see Section 6.2, Understanding Device Fingerprint Parameters.
For information about how to assign a rule to a risk-policy, see Configuring a Risk Policy.
For information about risk-based authentication, see Risk-based Authentication and Risk-based Policies.