Barracuda Networks VERSION SP4 29 Barracuda NG Network Access Client - Administrators Guide

List 2–21 Access Control Service Trustzone - Rules - Identity Matching Basic – section Basic Matching

Parameter Description

Policy Matching • All-of-following

• One-of-following

Set this option to All-of-following if all of the identity matching parameters (basic and advanced), except the empty ones, must

match for a successful identity verification. If just one field does not match, the identity is not verified successfully within this policy

rule and the health match process will proceed with the next policy rule in the policy rule set.

Set this option to One-of-following effects that the identify verification succeeds if just one field matches.

Be aware of using the right syntax for the group patterns: for example, MS Active Directory groups have be be entered as

distinguished name (for example CN=group-*, OU=my-unit,CD=mycompany,DC=at).

Net Bios

Enter the name of a NetBIOS Domain to match only users of a specific Domain.

Only available for "Current User" and "VPN" rule set

User [Login

Enter user name patterns here. A user name is the login name (without leading "DOMAIN\").

Networks Enter networks here. The users peer address must be part of at least one of these networks.

Allowed OS

• Name

Define allowed or explicitly denied client OS version here. The OS Versions parameter needs to be one of the listed Microsoft

Windows Versions.

The Service Pack Major Number and the Service Pack Minor Number are the service pack numbers of the client OS.

The Minimum Build Number needs to be the OS build number and is checked only, if Policy on OS was set to

This-One-Or-Newer.

Possible values for Policy on OS field are

• Exact-This-One

the client OS must match OS Version, Service Pack Major Number, and Service Pack Minor Number.

• Explicit-Deny

If the clients OS matches OS Versions, Service Pack Major Number, and Service Pack Minor Number, then the current policy