Access Control
This section details how the system can be accessed, from creating user accounts to granting users access
rights to the system. Depending on which type of user database is configured, some functions are not
accessible.
By the end of this chapter the reader should have a strong understanding of how the access control
infrastructure of the product is built up and how it achieves such a strong level of access control
flexibility.
Introduction
This chapter covers a little access control theory as well as how the Barracuda SSL VPN deals with
common challenges. It includes the following sections:
Overview
Access Control Architecture
Flexibility
Overview
The Barracuda SSL VPN is a complete SSL VPN solution that provides secure, authenticated and
controlled access to enterprise intranets, business applications and internal resources from virtually any
modern desktop or notebook device.
At the heart of the product lies its access control engine. This is responsible for the complete
management of all users from their initial log-on, right through to their exit from the system. More
importantly, it controls user access to different areas of the internal network.
The engine is the key component in verifying a user accessing the system and determining the actions
that they may perform. Every action performed within the product is monitored by the access control
engine in real-time and, as the diagram depicts, it acts as the ‘guardian’ of the system.
System of Trust
The concept of trust is a fundamental part of any secure system. As such, it is crucial for the security
policy to cater for and control how that trust is granted, used and revoked.