Policies
      Back to home
      1. Support Center
      2. Safous ZTA Admin Guide
      3. Policies

      [ZTA] Policies/Actions

      Actions is a new menu in App Gateway version 5 that allows you to configure the actions users can perform when accessing the application. If you are a former Safous ZTA user from version 4, this is essentially the same configuration as the "Configuration" field in Policy.

      Actions makes it easier for administrators to configure specific capabilities and then bind them to applications. Actions has different types of configuration on each application or protocol type: HTTP, HTTPS, RDP, SSH, VNC, TELNET, SMB, Network, SaaS, and Link. 

      Accessing Actions

      1. Login to https://portal.safous.com
      2. Navigate to Settings > ZTNA > Policies > Actions
      3. List of Actions shown with below details

        (1) "New Action" button, to add your Action configuration and use it in Application
        (2) Name of the existing Action
        (3) Description of the existing Action
        (4) Enabled Actions of each Action entry  
        (5) "+" button, to expand the information of that specific Action

      Creating New Action

      1. Click "New Action" button, it will expand multiple forms to be filled out for new action

      2. When filling out the form, please follow these rules:

        • Name is a required field and must be unique compared to other action names.
        • Description is a field where you enter the additional description for your configured action.
        • Protocol (1) is a type of application protocol that you want to configure. This field will reflect the configurable option in Action field (2).
        • Action (2) is an specific application or protocol configuration for what action capabilities that user granted when accessing the application. Below detail of supported action that administrator can configure:
          • HTTP and HTTPS, for details of the supported action please refer here.
          • RDP, for details of the supported action please refer here.
          • SSH, for details of the supported action please refer here.
          • VNC, for details of the supported action please refer here.
          • Telnet, for details of the supported action please refer here.
          • SMB, for details of the supported action please refer here.
          • Network, the only supported action for network application or protocol is "Log successful user access".
          • SaaS and Link, the only supported action for SaaS and Link protocol is "Log successful user access" and "Enforce session fingerprinting".
      3. Click "Save" after finish configure condition based on your usage.

      Applying the Action to Application

      In order for the action configuration to work, Administrators must enable the feature in the Application. Follow these steps:

      1. In the Admin Portal, go to the Application page (Settings > ZTNA > Applications) and select the application where the action should be applied. You can either create a new application or edit an existing one.
      2. On the New Application screen, navigate to the Policies (Condition and Action) field, as shown in the screenshot below. This is where you can enable the action by connecting it to the application. It will then be used every time a user wants to access the application. Then, click Save.

      Modify or Delete Existing Action

      1. Click plus sign (+) button on existing action, which will expand the information of that specific condition
      2. Click Edit to modify, or Delete to delete the action.