What can I do here?
Use this window to configure an access role and its networks.
Getting Here - Object Explorer > New > Users > Access Role > networks |
What background information do I need to know?
Before creating access role objects, you must first activate Identity Awareness.
You can use Access Role objects as source and/or destination parameter in a rule. Access role objects can include one or more of these objects:
To enforce Identity Awareness, use these access role objects in the Rule Base.
Important: Before you add Active Directory users, machines, or groups to an access role, make sure there is LDAP connectivity between the Security Management Server and the AD Server that holds the management directory. The management directory is defined on the Objects Management tab in the Properties window of the LDAP Account Unit.
To create an access role:
The New Access Role window opens.
Identity Awareness engine automatically recognizes changes to LDAP group membership and updates identity information, including access roles. For more, see the R80.10 Identity Awareness Administration Guide.