Trust Scoring
SonicWall Cloud Secure Edge (CSE) calculates Trust Levels for devices in your fleet to determine access
- Updated on Sep 10, 2025
Overview
In a Zero Trust access framework, device posture evaluations are a standard method for verifying that endpoints are secure; these evaluations determine whether end users’ devices are considered secure enough to access corporate resources.
Cloud Secure Edge (CSE) uses a methodology called Trust Scoring to continuously evaluate devices’ security posture, in realtime. This evaluation process helps admins understand and monitor the health of devices in their organization.
In this process, device signals (i.e., CSE’s built-in Trust Factors and Trust Integration data) are aggregated and evaluated against admin-defined criteria for acceptable device trust: The admin defines which conditions must be met in order for their end users’ devices to be deemed secure enough to access private resources. Based on this evaluation, the device is assigned a Trust Level.
In Cloud Secure Edge, admins can set required Trust Levels (e.g., High, Medium, or Low) for selected Trust Factors (e.g., a Trust Factor is Auto Update: Is auto-update enabled on your end user’s device?). This is configured within a Trust Profile (a profile containing trust configurations that apply to a specific subset of devices) to enforce a minimally-required state of health (i.e., Trust Level) for devices’ accessing protected services.
A snapshot of the Cloud Secure Edge admin console, showing Trust Factors with varying Trust Effect settings applied.
Trust Scoring Calculation
The Trust Scoring calculation takes into account all Trust Factors associated with a device as well as the Trust Effect (i.e., the configured impact of a failed Trust Factor condition on a device’s Trust Level) assigned to each of these Trust Factors. The result of this aggregated information is a single Trust Level, which describes the device’s overall security posture.
A snapshot of the Cloud Secure Edge admin console, showing a list of Trust Factors, their source, and the operating systems for which they are available.
Trust Levels
A device’s Trust Level can be used as input to zero-trust policies. An organization’s admin configures access policies in terms of Trust Levels (and Roles) needed to access a service. If a device meets an organization’s policy requirements, then it can access CSE-secured resources; If a device does not satisfy key enabled Trust Factors (sufficient to meet the Trust Level threshold), then it cannot access CSE-secured resources.
A device can have four different Trust Levels:
| Trust Level | Definition |
|---|---|
| Always Deny | The lowest level of trust, representing devices that should not be trusted. |
| Low | The second-lowest level of trust, representing devices that only have access to basic support tools and general intranet homepages. |
| Medium | The second-highest level of trust, representing devices that admins can cautiously provide access to select protected resources. |
| High | This is the highest level of trust, representing devices that are in a healthy state and not compromised. |
Trust Level Status
Trust Level statuses can be viewed in the Command Center: Navigate from Directory & Infrastructure > Devices to see a list of devices’ Trust Level statuses. For a more detailed view of the Trust Level status, select the status of a particular device. These statuses indicate the security posture or state of devices in your org, and they are as follows:
| Status | Definition |
|---|---|
| Reporting | The app is running and reporting a Trust Level on the device. |
| Expired | The device has not reported a Trust Level within the configured period of time. A Threshold for Stale Trust Levels can be set to enforce a Trust Level expiry timeframe (e.g., 24 hours). |
| Pending | The device has been registered recently and it has not yet reported a Trust Level; It can also indicate that the device has been banned. |
| Overridden | The Trust Level for the device has been overridden via the API. |
Trust Factors
A Trust Factor is an attribute (visible to end users on their devices) that is evaluated against admin-defined criteria, used as input in the device Trust Scoring calculation. There are two types of Trust Factors: CSE-sourced factors and externally-sourced factors (i.e., those derived from our Trust Integration partners). CSE-sourced factors are available when the app is deployed onto a device; Externally-sourced factors, on the other hand, require a Trust Integration to be configured.
Trust Effect
The Trust Effect is the impact of a Trust Factor on a device’s Trust Level when the evaluated device does not satisfy the Trust Factor requirements. The impact of each Trust Factor is determined by the admin.