To sync Windows device compliance data from Hexnode into ComplyJet, you’ll first need to create the right policies inside your Hexnode account. These policies help us detect and validate whether your devices meet security requirements.
Note: Without these policies, even if you manually enable settings like screen lock or disk encryption on your machine, the compliance checks will not pass. This is because there’s no way to confirm that the setting is consistently enforced across all devices. Always create a policy in Hexnode and enforce it on all devices to ensure compliance.
Required Policies
ComplyJet checks for three specific policies in Hexnode:
Screensaver / Auto-Lock
Microsoft Defender (Antivirus)
Disk Encryption (BitLocker)
Each of these policies must be created and assigned to devices.
1. Screensaver / Auto-Lock
This policy ensures inactive devices automatically lock after a set period.
Steps:
Go to Policies → New Policy → New Blank Policy.
Enter a name and description
In the Windows section, go to Password → Configure.
Set Auto-lock (minutes) to a value greater than 0. For example "5 minutes" means the screen will lock after 5 minutes of inactivity.
Under Policy Targets, click Add Device and assign to all your windows devices.
Save the policy.
2. Microsoft Defender (Antivirus)
This policy ensures antivirus protection is enabled on all devices.
Steps:
Go to Policies → New Policy → New Blank Policy.
Enter a name and description
In the Windows section, click Microsoft Defender → Configure.
Under Windows Defender Security Center you can keep the default settings enabled, or customize them further based on your organization’s requirements and preferences.
Assign devices under Policy Targets.
Save the policy.
Using another antivirus?
If you prefer not to use Microsoft Defender, ComplyJet can also detect the presence of several third-party antivirus applications. If one of these is installed and shows up in Hexnode’s application inventory, the device will still be marked as having antivirus installed ( even without the above defender policy ).
Supported Windows antivirus apps include:
Avast Antivirus
Avast Free Antivirus
Avast Premium Security
Avira Antivirus
Bitdefender Antivirus Free
Bitdefender Endpoint Security Tools
ClamAV
Coro
CrowdStrike Windows Sensor
Cylance PROTECT
Cylance Unified Agent
ESET Security
Forticlient
Huntress
Kaspersky Internet Security
Kaspersky Total Security
McAfee All Access Total Protection
McAfee AntiVirus
McAfee Endpoint Security Threat Prevention
McAfee LiveSafe
Microsoft Defender / Windows Defender
Norton 360 Premier
Norton AntiVirus
Norton Security
Norton Security Online
SentinelOne
Sophos Anti-Virus
Sophos Home
Symantec Endpoint Protection
Trend Micro Apex One Security Agent
Webroot SecureAnywhere
WithSecure Elements Agent
3. Disk Encryption (BitLocker)
This policy ensures devices are encrypted with BitLocker.
Steps:
Log in to your Hexnode admin account.
Go to Policies → New Policy → New Blank Policy.
Enter a name and description
In the Windows section, navigate to Security → BitLocker.
Click Configure.
Setup Bitlocker according to the steps & configurations mentioned on this page.
Under Policy Targets, click Add Device and assign to all your windows devices.
Save the policy.
Note: Hexnode does not currently expose this BitLocker setting via their API. We’ll start pulling this data as soon as it becomes available.
Next Steps
Once these policies are created and applied to devices in Hexnode, you’re ready to connect Hexnode to ComplyJet and start syncing compliance data.
ComplyJet will evaluate all the policies attached to each device pulled from Hexnode and display the compliance status directly in your dashboard. This ensures you have a clear, centralized view of which devices are compliant and which need attention.