The Access Rules page on the ISA web portal allows administrators to define rules to allow or deny remote user access to corporate resources.
referenced in access rules.
The following types of access rules can be created:
A rule that applies to an IP address has priority over a rule that applies to a network, all other parameters being equal.
A deny rule to an IP address takes precedence over an allow rule to a network, all other parameters being equal.
This user guide describes the various configuration options to manage access rules on the ISA web portal.
Add Access Rules
Log in to the ISA web console using administrator credentials.
Navigate to the Access Rules page under the ACCESS POLICIES menu.
Click the Add button at the top.
On the Add access rule window, under Name, enter a name for the access rule. Characters A-Z, a-z, 0-9 are allowed in this field. The maximum number of characters allowed is 50.
Click the Source Type drop-down.
Select User, User Group, or Application. In this example, we select User Group.
Click the Source field.
From the drop-down list, select the user group. Multiple user groups can be added to this field.
Click the Destination Type drop-down.
Select Application or Application Group.
Select the application groups. Multiple application groups can be added to the field.
Click Action.
Select either Allow or Deny.
Click Save and Add new.
The new access rule is listed on the page.
Edit Access Rule
Add Access Rules in Bulk
This option allows the administrator to add a large number of access rules at once.
Supported fields in the file are:
Name – A name for the access rule.
Source Type – Either user or user group.
Source – Enter the name of the users or user groups separated by commas.
Destination Type – Either application or application group.
Destination – If Destination Type is set to Application Group, enter the name of the application groups separated by commas. If Destination Type is set to Application, leave the field blank.
IP Address – If Destination Type is set to Application, enter the IP addresses of remote resources separated by commas. If Destination Type is set to Application Group, leave the field blank.
Services – If Destination Type is set to Application, enter the port numbers of remote resources separated by commas. If Destination Type is set to Application Group, leave the field blank.
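A pre-upload check built from the field rules above can catch rows that would create a malformed or unintended rule. This is an added example, not part of the ISA product or its documentation; the function names are hypothetical, and it assumes a CSV file whose header row uses the listed field names, that the Name limits from the Add access rule window also apply to bulk rows, and that IP Address holds single host addresses.

```python
import csv
import io
import ipaddress
import re

# Assumptions: the header row uses the field names listed above, the Name limits
# of the Add access rule window apply to bulk rows, and IP Address holds hosts only.
NAME_RE = re.compile(r"[A-Za-z0-9]{1,50}")
SAMPLE = (  # constructed sample file: line 2 is valid, line 3 breaks several rules
    "Name,Source Type,Source,Destination Type,Destination,IP Address,Services\n"
    'HRApps,User Group,"HR,Payroll",Application Group,"HRPortal,Wiki",,\n'
    'Bad Rule,User,alice,Application,Wiki,10.0.0.300,"443,70000"\n'
)

def items(row, key):
    # Comma-separated cell -> trimmed, non-empty items; a missing cell gives [].
    return [i.strip() for i in (row.get(key) or "").split(",") if i.strip()]

def validate_row(row):
    """Return the problems found in one bulk-upload row (empty list = OK)."""
    errors = []
    if not NAME_RE.fullmatch(row.get("Name") or ""):
        errors.append("Name: 1-50 characters from A-Z, a-z, 0-9")
    if (row.get("Source Type") or "").strip().lower() not in ("user", "user group"):
        errors.append("Source Type: must be user or user group")
    if not items(row, "Source"):
        errors.append("Source: empty")
    dest_type = (row.get("Destination Type") or "").strip().lower()
    dest, ips, ports = (items(row, k) for k in ("Destination", "IP Address", "Services"))
    if dest_type == "application group":
        if not dest or ips or ports:
            errors.append("Application Group: Destination set, IP Address and Services blank")
    elif dest_type == "application":
        if dest or not ips or not ports:
            errors.append("Application: Destination blank, IP Address and Services set")
        for ip in ips:
            try:
                ipaddress.ip_address(ip)
            except ValueError:
                errors.append(f"IP Address: invalid {ip}")
        errors += [f"Services: invalid port {p}" for p in ports
                   if not (p.isascii() and p.isdigit() and 1 <= int(p) <= 65535)]
    else:
        errors.append("Destination Type: must be application or application group")
    return errors

def validate_file(text):
    """Map CSV line number -> problems, for every row that fails validation."""
    reader = csv.DictReader(io.StringIO(text))
    return {reader.line_num: errs for row in reader if (errs := validate_row(row))}
```

Run `validate_file` on the file contents before uploading and fix every reported line; an empty result means all rows satisfy the field rules.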
Download Access Rules List
ISA web portal administrators can download the complete list of access rules by clicking on the CSV button on the Access Rules page. An email with the link to download the file in CSV format is sent to the logged-in administrator’s email address. The file has the following information:
Name – Name of the access rule.
Source Type – Either user or user group.
Source – Names of the users or user groups.
Destination Type – Either application or application group.
Destination – If Destination Type is Application Group, the names of the application groups. If Destination Type is set to Application, the IP addresses and service names of the applications separated by hyphens.
On the Access Rules page, enable the check box alongside the access rules you want to delete.
Click the Delete button at the top.
On the pop-up window, click Yes, Delete it!.
On the bottom left of the page, the message ACLs have been scheduled to be deleted is displayed.
Click the drop-down box to select the number of rules to be displayed on the Access Rules page. By default, it is set to display 10 rules. You can change it to display either 30 or 50 rules.
Click the Next button to view the next page of rules. Click the Prev button to view the previous page.
You can search access rules by name by entering it in the search box.