
Security Rule List
The Security Rule List form displays a list of all Security Rules that you can assign to a user or user group. The list contains four columns:
The name of the rule and, if applicable, the source IPs allowed for this rule.
A brief description of the rule and, if applicable, the interfaces and the date/time allowed for this rule.
States whether the rule is “Enabled” or “Disabled”; if applicable, lists all authorized actions for the current rule.
Security Rules List Form
To Add or Edit a Security Rule
To add or edit a security rule, perform the following steps:
1.
The system displays the Security Rule list form (see previous page).
2.
The system displays the “Security Rules General” form.
Security Rules General Form
3.
From the Security Rule General form, enter the rule name (required), a brief description of the rule, its status (Enabled or Disabled), and the default permission to be applied to the entire rule (Allow or Deny).
4.
To Configure Conditions for Accepting Source Pages
1.
The system displays the Security Rule Source IP form.
Security Rule Source Filtering Form
2.
The default rule (Allow or Deny) that applies to the entire security rule. The default permission is configured from the “General” tabbed form.
This section allows you to define the source IPs that will be used as the conditions for applying the rule.
The IP address to be added to the Added Source IP Conditions list box.
Hostname of the workstation. If the domain name is not entered, then the domain name of the APM is used to filter the source.
Domain name from which the workstation will connect. If the workstation belongs to a subdomain and only domain filtering is entered, all subdomains are allowed or denied access based on the rule permission.
Button to add to the conditions list the address, address range, or hostname/domainname you just entered in the IP or Netmask field.
Button to delete a selected IP address, address range, or hostname/domainname from the adjacent Source IP Conditions list box.
3.
Warning! If the domain name server is down or is not configured correctly, users with security rules that have host/domainname filtering with deny permission will still be denied access to the APM because the security rule cannot be verified. If the rule is “Allow,” the rule is ignored and the next “allow” rule is considered.

All successful DNS reverse lookup entries are cached for about 30 minutes, and all unsuccessful DNS reverse lookup entries are cached for about 15 minutes. If a user has a security rule with “deny,” and the DNS lookup of the source was not verified, the user will be denied access to the APM for 15 minutes. In this case, the user must wait 15 minutes before attempting to sign on to the APM again.
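
The lookup-failure and caching behaviour described in the warning above, modelled as an added Python example (an illustration, not the APM's own code). The injected resolver, the `(permission, domain)` rule tuples, the `fallback` result when no rule matches, and the sample addresses are assumptions constructed for this sketch.

```python
SUCCESS_TTL = 30 * 60   # successful reverse lookups: cached about 30 minutes
FAILURE_TTL = 15 * 60   # failed reverse lookups: cached about 15 minutes

class ReverseCache:
    """Caches reverse-lookup results, including failures (stored as None)."""
    def __init__(self, resolver):
        self.resolver = resolver   # assumed callable: ip -> hostname, None on failure
        self.entries = {}          # ip -> (hostname_or_None, expiry_time)

    def lookup(self, ip, now):
        hit = self.entries.get(ip)
        if hit and now < hit[1]:
            return hit[0]          # still cached, even if it is a failure
        host = self.resolver(ip)
        ttl = SUCCESS_TTL if host else FAILURE_TTL
        self.entries[ip] = (host, now + ttl)
        return host

def in_domain(host, domain):
    """Domain-only filtering also matches every subdomain."""
    host, domain = host.lower().rstrip("."), domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def evaluate(rules, ip, cache, now, fallback="deny"):
    """rules: ordered (permission, domain) pairs; fallback is an assumption."""
    for permission, domain in rules:
        host = cache.lookup(ip, now)
        if host is None:
            if permission == "deny":
                return "deny"      # unverifiable deny rule: user is denied
            continue               # unverifiable allow rule: ignored, try next
        if in_domain(host, domain):
            return permission
    return fallback

def demo():
    dns_up = {"ok": False}
    names = {"192.0.2.10": "ws1.eng.example.com"}   # constructed sample data
    cache = ReverseCache(lambda ip: names.get(ip) if dns_up["ok"] else None)
    rules = [("deny", "blocked.example.net"), ("allow", "example.com")]
    first = evaluate(rules, "192.0.2.10", cache, 0)        # DNS is down
    dns_up["ok"] = True                                    # DNS recovers
    still_cached = evaluate(rules, "192.0.2.10", cache, 14 * 60)
    after_expiry = evaluate(rules, "192.0.2.10", cache, 15 * 60)
    return first, still_cached, after_expiry
```

`demo()` shows that a workstation outside the denied domain is still locked out while DNS is down, and stays locked out after DNS recovers until the cached failure expires.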
