Technical Documentation

Configuring Infranet Controller Host Checker Access Restrictions (NSM Procedure)

A Host Checker restricts user’s access to the Infranet Controller, a role, or a resource based on his Host Checker status.

To configure Infranet Controller Host Checker access restrictions:

In the NSM navigation tree, select Device Manager > Devices.
Click the Device tree tab, and then double-click the Infranet Controller device for which you want to configure Host Checker access restrictions.
Click the Configuration tab. In the configuration tree, select the level at which you want to implement Host Checker access restrictions:
- Realm level—Select:
  - Administrators > Admin Realms >Select Realm > Authentication Policies > Host Checker to configure Host Checker access restrictions for admin realms.
  - Users > User Realms >Select Realm > Authentication Policies > Host Checker to configure Host Checker access restrictions for user realms.
- Role level—Select:
  - Administrators > Admin Roles > Select Role > General > Restrictions > Host Checker Restrictions to configure Host Checker access restrictions for admin roles.
  - Users > User Roles > Select Role > General > Restrictions > Host Checker Restrictions to configure Host Checker access restrictions for user roles.
Add or modify settings as specified in
- Table 1 to configure role level restrictions.
- Table 2 to configure realm level restrictions.
Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.

Table 1: Host Checker Access Restrictions for Role Level Configuration Details

Option	Function	Your Action
Enforce/Allow	Specifies the Host Checker policy at the role level.	Select Allow all users to permit access to all users. Select Allow users whose workstations meet the requirements specified by the Host Checker policies to require that Host Checker is running the specified Host Checker policies for the user to meet the access requirement.
Host Checker policies	Specifies the Host Checker policies.	Select the required Host Checker policies.
Allow access to the role if	Specifies access to the role.	Select All of the selected policies pass to allow access only if all the policy requirements are met. Select Any ONE of the selected policies pass to allow access even if one policy requirement is met.

Option

Function

Your Action

Enforce/Allow

Specifies the Host Checker policy at the role level.

Select Allow all users to permit access to all users.
Select Allow users whose workstations meet the requirements specified by the Host Checker policies to require that Host Checker is running the specified Host Checker policies for the user to meet the access requirement.

Host Checker policies

Specifies the Host Checker policies.

Select the required Host Checker policies.

Allow access to the role if

Specifies access to the role.

Select All of the selected policies pass to allow access only if all the policy requirements are met.
Select Any ONE of the selected policies pass to allow access even if one policy requirement is met.

Table 2: Host Checker Access Restrictions for Realm Level Configuration Details

Field	Function	Your Action
Evaluate ALL policies	Specifies if all policies must be evaluated.	Select to evaluate all policies.
Evaluate selected policies	Specifies that the selected policies are to be evaluated.	Select the policies that must be evaluated and add them to the Members list.
Enforce ALL policies	Specifies if all policies must be enforced.	Select to enforce all policies.
Enforce selected policies	Specifies that the selected policies are to be enforced.	Select the policies that must be enforced and add them to the Members list.
Allow access to the realm if	Specifies access to the realm.	Select All of the enforced policies pass to allow access only if all the enforced policy requirements are met. Select Any ONE of the enforced policies pass to allow access even if one enforced policy requirement is met.