I need to Build a use case, where I need to allow only specific Machines to access a web applications.
The best approach i reached to was through the APM module, where i can retrieve the Machine info, and validate the BIOS Serial number (which is unique among different machines) against a list of Allowed SN.
If the variable (
session.machine_info./Common/Test-Access_act_machine_info_ag.bios.sn) exist in list ==> Grant Access to Web app
If the variable does not existing the list ==> DROP access (And provide a way for the admin to include it to the list if it's an approved machine)
If this a good approach to do? or is there any other easier and practical way to authenticate a Machine before granting access?
If yes, where should i write the list of allowed BIOS SN, and how to do make Validation check (If SN exist in LIST)