The pre-definedAccess Control Service Trustzones can be referenced within the configuration dialogue Virtual Servers > <servername> > Assigned Services > <servicename> (ACS) > Access Control Service Settings > System Health-Validator view > Trustzone section.

Fig. 2–8Access Control Service Trustzone - Configuration dialogue

The Barracuda NG Control Center automatically links the Trustzone to the appropriate global / range / cluster object.

As mentioned in the introduction above, each trustzone contains three policy rule sets. There is a "local machine" policy rule set that is used to determine a policy for a connecting machine if no user is currently logged in. As soon as user authentication is requested by the connecting client, the "current user" policy rule set is used for policy matching.

User authentication can be skipped by setting the the parameter "Access Control Service Settings" > User Authenti- cation > User Authentication Required to "No". Furthermore, local machine rule sets allow to skip user authentication for a specific policy rule (Policy Assignments > Exception > User Authentication Required.

If the connection attempt is mediated by an intermittent VPN Service, then the VPN policy rule set is adopted. More details are available in the introduction above.

Create an Access Control Server service within Config > Box > Virtual Servers >

<servername> > Assigned Services > <servicename> (ACS)).

Click Access Control Service Trustzone to open the configuration dialogue.

26 Server Config – Access Control Service

Page 28
Image 28
Barracuda Networks VERSION SP4 manual Servername Assigned Services servicename ACS