ENC Authorization Rules Policy Group
The ENC Authorization Rules policy group lets you view or edit the following policies for the ENC authorization component. This component handles all authorization requests from the ENC Gateway Server or ENC Client. It contains a database of rules that are evaluated to determine if some action is permitted or denied. For example, when a client wants to log on to a server, the server asks the authorization component whether a client with a certain IP address and name is allowed access. The component looks up the rules and replies either Yes or No.
It does this using the following checks:
The computer must be a member of a specified realm to be allowed to do anything. Realm membership is defined on the Name Mapping tab page of the ENC Authorization Rules configuration view, which is invoked immediately when you select the ENC Authorization Rules policy group.
Any computer with an IP address not in the IP Whitelist table is always denied access.
A request must be allowed by an access control list entry. An ACL entry specifies who (computers, realms) can do what (operations) and when (during specified time ranges). ACLs are defined on the Access Control and Time Ranges tab pages of the ENC Authorization Rules configuration view.
Note: See the Implementation Guide for an expansive overview of the terms and usage of authorization within the ENC environment.
|
Copyright © 2013 CA.
All rights reserved.
|
|