Hp Identity Driven Manager Software Series Manuel d'utilisateur Page 108
- Page / 230
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
3-44
Using Identity Driven Manager
Defining Access Policy Groups
Parameters for Access Rules are described in the following table.
6. Repeat the above process for each rule you want to apply to the APG.
7. The Access rules are evaluated in the order (priority) they are listed in the Access
Rules table. Use Move Up or Move Down to arrange the rules in the order you
want them to be evaluated. IDM checks each rule in the list until a match on all
input parameters is found, then applies the corresponding access profile to the
user.
For example, if you want to allow a user to login in from any system during the
work week (Mon. - Fri.), but you want to deny access to users on the weekend,
you would:
• Create a Time for the weekend,
• Create an Access Profile to be applied during weekdays, "Default"
• Define two rules for the APG, similar to the following:
Location Time System Access Profile
ANY weekend ANY REJECT
ANY weekday ANY Default
When the user is authenticated, IDM checks the Access Policies in the order listed.
If it is Saturday or Sunday, the user’s access is denied. On any other day, the user
is allowed on the network. If the order were reversed, IDM would never read the
second rule because the first rule would provide a match every day of the week.
Table 3-8. Access Rule parameters
Field/Section Lists...
Location Locations you created by name, and the ANY option.
If you select ANY and the access profile for the rule points to a VLAN,
ensure that the VLAN is configured on every switch to which users in
this access policy group will be connecting.
Time Times you created by name, and the ANY option.
System Systems from which the user can log in.
• ANY allows user to login in on any system.
• OWN restricts users to systems defined for that user. See
“Configuring User Systems” on page 3-77 for details.
WLAN WLANs in the network, and an ANY option. If PCM Mobility Manager
is not installed the list is empty, but you can type in the WLAN.
Device Type Group You can select Device Type Group from
Device Type Group field. The
default is ANY option.
End Point Integrity If selected in IDM Preferences, information described in “Using IDM
with Endpoint Integrity Systems” on page 3-45.
Access Profile Access Profiles you created by name, the Default Access Profile, and
a REJECT option. Select REJECT if the rule will prohibit a user from
logging in.
- User’s Guide 1
- Contents 3
- 5 Troubleshooting IDM 5
- A IDM Technical Reference 6
- What’s New in IDM 4.0? 8
- IDM Architecture 9
- Introduction 10
- Terminology 12
- IDM Specifications 14
- Migrating from PCM/IDM 3.x 15
- Learning to Use PCM+ IDM 16
- Getting Started 17
- Before You Begin 18
- Installing on a Linux System 20
- IDM Usage Strategies 22
- Understanding the IDM Model 22
- IDM GUI Overview 24
- IDM Dashboard 26
- Using the Navigation Tree 26
- Domain Tabs 27
- Access Policy Groups node 31
- RADIUS Servers node 32
- Toolbars and Menus 33
- Using IDM Reports 35
- Creating Report Policies 38
- IDM Session Cleanup Policy 44
- Column Displays 48
- Find User Session 51
- User Reports 52
- Show Mitigations 54
- IDM Preferences 55
- Configuration Process Review 66
- Configuring Locations 68
- Adding a New Location 69
- Modifying a Location 73
- Deleting a Location 74
- Configuring Times 75
- Creating a New Time 76
- Modifying a Time 78
- Deleting a Time 78
- Device Finger Printing 79
- Deleting a User Agent Mapping 82
- Moving up User Agent Mapping 83
- Device Type Groups 83
- Modify Device Type Group 88
- Configuring Network Resources 89
- Adding a Network Resource 91
- ▼] to set the mask number 92
- Modifying a Network Resource 93
- Deleting a Network Resource 93
- Network Resource button 94
- Creating a New Access Profile 96
- Using Identity Driven Manager 100
- Configuring Access Profiles 100
- Modifying an Access Profile 103
- Deleting an Access Profile 104
- Defining Access Policy Groups 105
- Configuring User Access 112
- Using Global Rules 114
- Changing Global Rules 117
- Configuring Auto-Allow OUIs 118
- For a Domain 120
- For an Access Policy Group 120
- Adding an OUI 122
- Modifying an OUI 126
- Deleting an OUI 127
- Using Manual Configuration 131
- Adding RADIUS Clients 133
- Deleting RADIUS Servers 139
- Adding New Users 140
- Configuring User Systems 141
- Modifying and Deleting Users 143
- Deleting a User 144
- Using the User Import Wizard 145
- For Simple Authentication 153
- Using External Authentication 156
- XML User Import File Example 162
- (CSV) file 163
- Figure 3-69. Data Source 168
- Figure 3-70. CSV Data Source 169
- Figure 3-72. Add Users 171
- Figure 3-73. Remove Users 172
- Tab view 173
- Figure 3-76. Import Complete 175
- Overview 179
- Supported Devices 180
- Using Secure Access Wizard 181
- Troubleshooting IDM 203
- Pausing the Events Display 205
- Using Event Filters 206
- Viewing the Events Archive 207
- Setting IDM Event Preferences 209
- IDM Events 210
- Using Activity Logs 211
- Quick Tips 215
- IDM Technical Reference 217
- Best Practices 220
- Allowing vs. Rejecting Access 221
- Rate-Limiting 222
- Types of User Events 223
- Index–2 226
- Index–4 228
- ProCurve 5400zl Switches 230
Produits connexes et manuels pour Logiciel Hp Identity Driven Manager Software Series
(94 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.089 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels