Defining Zones for Special Classes of Users
Another method for preventing special classes of trusted users from being assigned to the Default zone (and
potentially being denied access) involves creating a zone that contains no device profiles, and then assigning
that zone to a community to which only those trusted users belong.
For example, if you want system administrators to be able to access network resources regardless of the client
device they’re using, you could assign them to a community that contains a no-profile zone. Then when system
administrators select a realm that references that community and log in, they are placed in the no-profile zone,
instead of the global Default zone, which may be set up to block unrecognized clients.
To create a no-profile zone
In the AMC, navigate to User Access > End Point Control.
The End Point Control page displays.
In the Zones and Profiles section, click Edit next to Zones.
The Zones and Profiles page displays.
Click the + (New) icon.
Select the zone to create
In the Name field, type a meaningful name for the zone.
In the Description field, type a descriptive comment about the zone.
You can optionally select a Required data protection tool for the zone. However, if you want this special class of trusted users to have flexibility regarding the types of devices they’re connecting with, leave this field set to None.
After you’ve defined the no-profile zone, you must create a realm specifically for this special class of trusted
users. Configure the realm with a dedicated community so that only this special class can log in to it. For more
information, see Assigning Members to a Community.
Was This Article Helpful?
Help us to improve our support portal