Policies control access to Assets, Virtual Assets and Subnets. A Policy is defined by its Sources, Conditions and Destinations. Policies can be disabled and are then not evaluated.
On the source side you can choose:
- One or more User Groups to permit access to all Users in the chosen groups.
- One or more Assets to control machine to machine access.
- Virtual Assets or Subnets cannot be selected as Sources
Conditions further restrict access. Thus, even a Client belonging to a User Group mentioned in the Sources may be denied access if all the Conditions* are not met.
You can configure the following Conditions:
- operating system and permissible minimal and/or maximal operating system versions
- geographical location at the time of access (Allowed Origins)
A Destination is either an Asset, Virtual Asset or Subnet combined with a service defined on the corresponding object. In order to choose a service as here, please remember to define it on the Asset, Virtual Asset or Subnet first.