Security Solutions
Designing Access Controls
Finalize Security Policies
Table 3-88. Resources Allowed in Access Profiles
Access Policy Group Rules. After you have created the access profiles, you
can create access policy group rules, which match users in the group to the
profile according to other inputs.
1. Normal access rights—You might set up one rule in each group for what
you define as “normal” access conditions for the user—in other words,
the conditions that must be met for the user to receive all of his or her
rights. These conditions might be normal work hours or any hours, switch
ports in the user’s department or any location, and a WLAN with
WPA/WPA2 encryption. In a network that enforces endpoint integrity, the EI
posture should be Pass. After defining these conditions as inputs, you
select the access profile you created for the access policy group.
2. Limited access rights—You might then set up other rules in each group
for limited access under other conditions. For example, if you have
created an after-hours access profile, you can create a rule that matches
the evening hours with that profile. Or if your network has an unsecured
WLAN, you could create a rule that matches that WLAN with an
“unencrypted_wireless” access profile.
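The following sketch is an added example, not code from this guide or from any product. It models the rules described above as input conditions (time, location, WLAN, EI posture) mapped to an access profile. It assumes rules are evaluated in order with the first match winning, and that a user who matches no rule receives no profile; the rule list, SSIDs, location name and every profile name except "unencrypted_wireless" are constructed.

```python
from dataclasses import dataclass
from datetime import time
from typing import FrozenSet, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    """One access policy group rule; a field left as None matches any value."""
    profile: str
    hours: Optional[Tuple[time, time]] = None   # [start, end), may wrap past midnight
    locations: Optional[FrozenSet[str]] = None
    wlans: Optional[FrozenSet[str]] = None      # SSIDs; "wired" stands for a switch port
    ei_posture: Optional[str] = None

def in_window(now: time, start: time, end: time) -> bool:
    if start <= end:
        return start <= now < end
    return now >= start or now < end            # window crosses midnight

def rule_matches(r: Rule, now: time, location: str, wlan: str, posture: str) -> bool:
    return ((r.hours is None or in_window(now, *r.hours))
            and (r.locations is None or location in r.locations)
            and (r.wlans is None or wlan in r.wlans)
            and (r.ei_posture is None or posture == r.ei_posture))

def select_profile(rules, now, location, wlan, posture) -> Optional[str]:
    """Return the profile of the first matching rule, or None (no profile)."""
    for r in rules:
        if rule_matches(r, now, location, wlan, posture):
            return r.profile
    return None

# Constructed rules for one group (assumed first-match order). The open-WLAN
# rule sits above the after-hours rule so that an unencrypted connection is
# limited at any hour, not only during the day.
ENGINEERING_RULES = [
    Rule("engineering_full", hours=(time(8), time(18)),
         locations=frozenset({"eng-floor"}),
         wlans=frozenset({"wired", "corp-wpa2"}), ei_posture="Pass"),
    Rule("unencrypted_wireless", wlans=frozenset({"guest-open"})),
    Rule("after_hours", hours=(time(18), time(8)), ei_posture="Pass"),
]

if __name__ == "__main__":
    for case in [(time(10), "eng-floor", "corp-wpa2", "Pass"),
                 (time(23), "eng-floor", "guest-open", "Pass"),
                 (time(10), "eng-floor", "corp-wpa2", "Fail")]:
        print(case, "->", select_profile(ENGINEERING_RULES, *case))
```

A failed EI posture during work hours falls through every rule here, which shows why each group needs its rules checked for inputs that no rule covers.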
Access Profile | VLAN ID | Resources | Rate Limit | QoS