Secure Mobile Access 12.4 Administration Guide

Creating a Quarantine Zone

For devices that cannot be classified—that is, they do not match any of the Deny or Standard zone profiles—you can create a Quarantine zone. You can offer a user whose device is classified into this zone Web links and an explanation, for example, of how to bring his or her device into compliance with your security policies, or how to configure a system for EPC interrogation.

Only one Quarantine zone per community can be defined (you can create multiple Deny and Standard zones).

When you configure a community, you choose the fallback zone for devices that cannot be classified: they can either be placed in the Default zone or a Quarantine zone. For more information, see Using End Point Control Restrictions in a Community

To define a Quarantine zone

  1. In the AMC, navigate to User Access > End Point Control.

    The End Point Control page displays.

  2. In the Zones and Profiles section, click Edit next to Zones.

    The Zones and Profiles page displays.

  3. Click the + (New) icon.

  4. Select Quarantine zone from the drop-down list.

    The Add Quarantine Zone page displays.

  5. In the Name field, type a meaningful name for the zone.

  6. (Optional) In the Description field, type a descriptive comment about the zone.

  7. In the Customization area, type the message you want quarantined users to see. You might offer an explanation for why a device was placed in quarantine and what is required to make it comply with your security policies.

    Remediation steps for devices that are placed in a Quarantine zone should probably include information on how to configure a system for EPC interrogation.

  8. Add any Web links that can help users bring their devices into compliance. This can be a mixture of public and private URLs:

    • A public address might reference an Internet URL from which the user can download a software component, such as a Java Virtual Machine. Public resources are normally redirected through the appliance; prevent this redirection by adding the resource in the exclusion list. See Using the Exclusions for instructions.
    • A private address might reference an intranet URL containing the latest virus definitions. In this case, rules are automatically created to give users access to the URL you specify and to prevent them from accessing any other resources.
  9. Click Save or Save and Add Another.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.