Specifications
Match Any − This is an unconditional match for a currently applied policy.•
Match Selected − A match occurs when the currently applied policy is one of
policies selected in the list.
•
Exclude Selected − A match occurs when the currently applied policy is not one of
the policies selected in the list.
•
IMPORTANT:
Whether or not a policy matches a selection from the Policy List depends on the operational
mode/features supported on specific device types:
MatrixDFE−Platinum:
Multi−auth − The specific policy being matched is determined by the Apply
Policy action. If the action is Apply Policy to Port, then only port policies
are compared to your selection(s) from the Policy List.
For example, if you create a rule to Apply Policy to Port, the policy matching
is only checked against the policy that is applied to the port, even when there
may be an authenticated MAC or IP based policy currently in effect.
•
StrictX − Same as Matrix N−Series Platinum in multi−auth mode, except
that the port−based policy is used for authentication. In any case, the policy
matching works the same way as the N−Series Platinum (multi−auth).
•
•
MatrixDFE−Gold
Multi−auth − Matrix N−Series Gold does not support MAC/IP override. As
a result, the only ASM action that can be taken for applying a policy is to
Apply Policy to Port. Policy matching always compares the policy(ies)
selected in the Policy List against the policy that is currently in effect.
•
•
MatrixC2 − Functions the same way as the Matrix N−Series Gold (StrictX).•
Non−DFE (MatrixE1/E7) − Policy matching always compares the policies selected
from the Policy List against the policy that is currently in effect on the port.
•
VLANs
This tab lets you select one or more VLANs, currently applied on the port, to determine
whether or not to apply an action.
Match Any − This is an unconditional match for a currently applied VLAN.•
Automated Security Manager Help
Rule Conditions 158