If the identity match fails, the next rule is taken into account.

Fig. 2–10Access Control Service Trustzone - Rules - Identity Matching Basic

List 2–20Access Control Service Trustzone - Rules - Identity Matching Basic – section Basic Identity Matching

Parameter

Description

 

 

Policy Name

The name of the policy. This name is visible in the log file and in the access cache.

 

 

Deactivate Policy

Selecting the checkbox disables the configured policy.

 

 

 

Client Connection

External

 

Ignore

 

Internal

 

Set to External effects that this policy rule is ignored for internal connection (connections to an IP address which is not defined

 

in External IPs, see above).

 

Set to Internal effects that this policy rule is ignored for external connections (connection to an IP address which is defined in

 

External IPs, see above).

 

Set to Ignore means that the policy rule is neither ignored for internal nor external connections.

 

 

Time Restriction

Each policy rule can be assigned with a date and time restriction.

 

The date restriction consists on a Start Date and an End Date. Out of that time period this policy rule will be ignored.

 

The granularity of the time restriction is 1 hour on a weekly base.

 

A rule is allowed at all times by default, that is all checkboxes in the Time Interval window are cleared.

 

Selecting a checkbox denies a rule for the given time.

 

Click

to configure allowed and disallowed time intervals simultaneously.

 

Click

to clear selected checkboxes.

 

Click

to to configure disallowed time intervals.

Select Continue if mismatch to proceed the health evaluation within the policy rule set with the next rule (default).

Select Block if mismatch to stop the health evaluation process and set the client to "unhealthy" immediately.

28 Server Config – Access Control Service

Page 30
Image 30
Barracuda Networks VERSION SP4 manual Policy Name, Deactivate Policy, Client Connection External Ignore Internal