18 Citrix NetScaler Policy Configuration and Reference Guide

Feature-Specific Bindings for Advanced Policies

Feature Name

Virtual Servers

Policies

Bind Points

Use of Advanced Policies in

 

Configured in the

Configured in the

Configured for the

the Feature

 

Feature

Feature

Policies

 

 

 

 

 

 

 

Access Gateway

VPN server

Clientless Access

VPN Global

To determine how the

(clientless VPN

 

policies

VPN server

Access Gateway performs

 

 

 

 

authentication,

functions only)

 

 

 

 

 

 

 

 

authorization, auditing, and

 

 

 

 

 

other functions, and to

 

 

 

 

 

define rewrite rules for

 

 

 

 

 

general Web access using

 

 

 

 

 

the Access Gateway.

 

 

 

 

 

 

Bind Points and Order of Evaluation

For an advanced policy to take effect, you must ensure that the policy is invoked at some point during processing. To do so, you associate the policy with a bind point. The collection of policies that is bound to a bind point is known as a policy bank.

Following are the bind points that the NetScaler evaluates, listed in the typical order of evaluation:

1.Request-time override. When a request flows through a feature, the NetScaler first evaluates request-time override policies for the feature.

2.Request-time Load Balancing virtual server. If policy evaluation cannot be completed after all the request-time override policies have been evaluated, the NetScaler processes request-time policies for load balancing virtual servers.

3.Request-time Content Switching virtual server. If policy evaluation cannot be completed after all the request-time policies for load balancing virtual servers have been evaluated, the NetScaler processes request-time policies for content switching virtual servers.

4.Request-time default. If policy evaluation cannot be completed after all request-time, virtual server-specific policies have been evaluated, the NetScaler processes request-time default policies.

5.Response-time override. At response time, the NetScaler starts with policies that are bound to the response-time override bind point.

6.Response-time Load Balancing virtual server. If policy evaluation cannot be completed after all response-time override policies have been evaluated, the NetScaler process the response-time policies for load balancing virtual servers.

7.Response-time Content Switching virtual server. If policy evaluation cannot be completed after all policies have been evaluated for load

Page 32
Image 32
Citrix Systems 9.2 manual Bind Points and Order of Evaluation