Secure Mobile Access 12.4 Administration Guide

Defining Zones for Special Classes of Users

Another method for preventing special classes of trusted users from being assigned to the Default zone (and potentially being denied access) involves creating a zone that contains no device profiles, and then assigning that zone to a community to which only those trusted users belong.

For example, if you want system administrators to be able to access network resources regardless of the client device they’re using, you could assign them to a community that contains a no-profile zone. Then when system administrators select a realm that references that community and log in, they are placed in the no-profile zone, instead of the global Default zone, which may be set up to block unrecognized clients.

To create a no-profile zone

  1. In the AMC, navigate to User Access > End Point Control.

    The End Point Control page displays.

  2. In the Zones and Profiles section, click Edit next to Zones.

    The Zones and Profiles page displays.

  3. Click the + (New) icon.

  4. Select the zone to create

  5. In the Name field, type a meaningful name for the zone.

  6. In the Description field, type a descriptive comment about the zone.

  7. You can optionally select a Required data protection tool for the zone. However, if you want this special class of trusted users to have flexibility regarding the types of devices they’re connecting with, leave this field set to None.

  8. Click Save.

After you’ve defined the no-profile zone, you must create a realm specifically for this special class of trusted users. Configure the realm with a dedicated community so that only this special class can log in to it. For more information, see Assigning Members to a Community.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.