Endpoint Administration Guide for Windows › Monitoring and Auditing › Events Interception › Interception Modes
Interception Modes
Based on the interception mode, CA Access Control intercepts, checks for authorization, and logs audit records of access request events. CA Access Control has the following modes of interception:
- Full Enforcement mode Full Enforcement mode is the normal operation mode for CA Access Control. In this mode, CA Access Control intercepts events and enforces the access rules written to the database.
- Audit Only mode Audit Only mode records all intercepted events without checking or enforcing access rules.
- No Interception mode No Interception mode disables CA Access Control event interception. In this mode, CA Access Control does not intercept events or enforce access rules.
Note: Warning mode Warning Mode is a property that you can apply to a resource, and an option that you can apply to a class. If Warning mode is applied to a resource or a class and an access violates an access rule, CA Access Control writes an audit log entry with the return code W, but permits the access to the resource. If a class is in Warning mode, all the resources in that class are in Warning mode. is not an interception mode; it works in Full Enforcement mode only and is designed for short term use during implementation.
|
Copyright © 2012 CA.
All rights reserved.
|
|
