Skip to content

Device Segments

Device segments group endpoints in your estate by criteria such as operating system, hostname pattern, or custom tag, and allow you to apply settings on a per-segment basis. Segments are the primary mechanism for controlling which features are enabled on which devices.

💡 Where segments are used: Segments control Active Response access, malware scanning behaviour, memory protection settings, and other endpoint-side feature toggles. They are referenced from the Active Response and Local Configuration articles.

Accessing Device Segments

Navigate to Settings > Device Segments. This view requires the Admin role.

The page lists all segments configured for your organisation, with the device count, criteria summary, and applied feature settings for each.

How Segmentation Works

Each device in your estate is automatically evaluated against the criteria for every segment. A device can be a member of multiple segments. When two segments apply conflicting settings to the same device, segment priority determines which setting wins (higher-priority segments override lower-priority ones).

Segment membership is re-evaluated whenever:

  • A new device enrolls
  • A device's hostname, OS, or other criteria field changes
  • A segment's criteria are edited

Creating a Segment

  1. Go to Settings > Device Segments.
  2. Click New Segment.
  3. Give the segment a name and optional description.
  4. Define the criteria that identify which devices belong to this segment. Criteria can include:
  5. Operating system (Windows, Linux, macOS)
  6. Hostname (exact match or wildcard pattern)
  7. IP address range
  8. Custom tag value
  9. Universal Sensor agent version
  10. Configure the settings that should apply to devices in this segment (see the next section).
  11. Set the segment priority (a number — higher wins).
  12. Click Save.

The segment becomes active immediately and devices matching the criteria will pick up the new settings the next time they check in.

Per-Segment Settings

The following settings can be configured per segment:

Setting Effect
Active Response enabled Allows users with the Active Response role to start sessions and run actions on devices in this segment. See Active Response.
Malware scanning Controls whether the endpoint agent performs on-access and on-demand malware scanning.
Memory protection Enables additional memory-level threat protection. May affect performance on resource-constrained hosts.
USB control profile Selects which USB device control profile applies. See USB Controls.
End-user notifications Controls whether the endpoint displays toast notifications to the user. See End User Notifications.
Local configuration overrides Permits or blocks local configuration changes on the endpoint. See Local Configuration.

Editing a Segment

  1. Go to Settings > Device Segments.
  2. Click the segment you want to edit.
  3. Make your changes to criteria, settings, or priority.
  4. Click Save.

Changes propagate to devices on their next check-in.

Compatibility Checks

When you change a setting on a segment, SenseOn checks each affected device against the minimum Universal Sensor agent version that supports that setting. If any device has an out-of-date agent, you will see a warning listing the affected hosts. The setting still applies, but devices below the minimum version will ignore it until they are upgraded.

To see which devices are affected by a compatibility warning:

  1. Open the segment.
  2. Click the Compatibility tab.
  3. The list shows each device, its current agent version, and whether each configured setting is supported.

Deleting a Segment

  1. Go to Settings > Device Segments.
  2. Click the segment.
  3. Click Delete Segment.
  4. Confirm the action.

Devices that were only in the deleted segment fall back to the Default segment.

The Default Segment

Every organisation has a Default segment that applies to any device not matched by a more specific segment. You cannot delete the Default segment, but you can edit its settings. Use the Default segment to set safe baseline behaviour for the whole estate, then layer more specific segments on top for exceptions.

Auditing Segment Changes

All segment creation, edit, and delete events are recorded in the Audit Log with the action category segment.