Managing access control policy sets

A policy set is a group of policies that are used together to protect a resource.

Before you begin

You must create access control policies. See Creating an access control policy.

About this task

You can view, create, modify, or delete a policy set.

Procedure

  1. Log in to the local management interface.
  2. Click Secure Mobile Settings.
  3. Under Policy, click Access Control.
  4. Perform one or more of the following actions:
    Create a policy set
    1. Click Create policy set.
    2. Type a name for the policy set in the Name field.
      Note: The name must begin with an alphabetic character. Do not use control characters, leading and trailing blanks, and the following special characters ~ ! @ # $ % ^ & * ( )  + | ` = \ ; :  " ' < > ? , [  ] { } / anywhere in the name.
    3. Optionally, type a description in the Description field.
    4. In the Policy Combining Algorithm dialog, set the combined action for the policy set by choosing one of the following options:
      Deny access if any policy in the set returns deny
      Choose this option if you want the policy set to deny access if any policy in the set returns a response of deny.
      Permit access if any policy in the set returns permit
      Choose this option if you want the policy set to permit access if any policy in the set returns a response of permit.
      Return the decision of the first policy in the set that returns either permit or deny
      The policies are evaluated in the order they are listed in the set. Choose this option if you want to use the first policy that returns a response of permit or deny as the result of the policy set.
    5. Click Save.
    6. Click OK.
    7. Next, add one or more policies to the policy set.
    Add one or more policies to a policy set
    1. Click All Policies.
    2. Select a policy or press Ctrl and select multiple policies to add to the policy set.
    3. Click Add To Add To.
    4. Select a policy set.
    5. Click OK.
    Change the order of the policies in a set
    If you selected Return the decision of the first policy in the set that returns either permit or deny, set the order in which you want the policies to run:
    1. Select a policy set.
    2. Select a policy.
    3. Click Move up or Move down to change the position of the policy in the set.
    Modify a policy set
    1. Select a policy set in the list of policy sets.
    2. Click Modify policy set.
    3. Change to the name, description, or policy combining algorithm.
      Note: The name must begin with an alphabetic character. Do not use control characters, leading and trailing blanks, and the following special characters ~ ! @ # $ % ^ & * ( )  + | ` = \ ; :  " ' < > ? , [  ] { } / anywhere in the name.
    4. Click Save.
    Remove one or more policies from a policy set
    1. Select a policy set in the list of policy sets.
    2. Select a policy or press Ctrl and select multiple policies to remove from the policy set.
    3. Click Remove Remove. Confirm the removal.
      Note: When you remove a policy from a set, the policy is not deleted from the policy list. To delete a policy from the list, see Managing access control policies.
    4. Click OK. The policy is removed.
    Delete a policy set
    1. Select a policy set in the list of policy sets.
    2. Click Delete. Confirm the deletion.
    3. Click OK. The policy set is deleted.
Parent topic: Access control policies