The advanced rule feature helps control who can access applications by setting specific conditions. Admin can create rules based on things like time-based (hourly, day, weekly), IP address location, and IP adress CIDR. If a user doesn't meet these rules, they can't access the application, making it more secure. This feature allows organizations to customize access rules for important applications, ensuring better protection.
In order to do that, you need to have admin user to create policy, please check these KB down below about Admin access:
- Login to https://portal.safous.com
- Go to Settings tab> ZTNA> Policies> Rules (Simple)
- In Rules (Simple), click on New Rules (Simple) button
- Once clicked, it will expand all the option for simple rule that can be use
In a simple rule, we can create between six available categories
Time : Only allowing application between start time to end time everyday Week : Only allowing application in specific day of the week (Sun-Sat) Day : Only allowing application in specific day of the month (1-31) Week & Time : Only allowing application in day of the week (Sun-Sat) between start time to end time Location : Only allowing application if user match with specific IP address and location IP Address : Only allowing application if user match with specific IP address / CIDR - Input the rule name; it's mandatory and must be unique compared to other policies. There is also a toggle status that can be used to enable the rule
- Choose simple rule category (Check step 4 for details) and input your specific time or day or IP address. In this article, we use "Time" category for example
- After all mandatory fields are filled, click Save
- New Created Rule will be shown in Rules (Simple) page
- After create Advanced Rules (Simple), we can use this rules in Policies (Settings> ZTNA> Policies> Policies) to get more flexibility or customizable conditional rules in application policies. Please refer to this article here.