Configuring Cache Cleaner Restrictions (NSM Procedure)
You can restrict Secure Access device and resource access by requiring Cache Cleaner in the following options:
- Realm authentication policy—When users try to sign in to the Secure Access device, the Secure Access device evaluates the specified realm’s authentication policy to determine if the preauthentication requirements include Cache Cleaner. You can configure a realm authentication policy to download Cache Cleaner, download and start running Cache Cleaner, or not require Cache Cleaner. The user must sign in using a computer that adheres to the Cache Cleaner requirements specified for the realm. If the user’s computer does not meet the requirements, then the user is denied access to the Secure Access device.
- Role—When the Secure Access device determines the list of eligible roles to which it can map an administrator or user, it evaluates each role’s restrictions to determine if the role requires Cache Cleaner to run on the user's workstation. If it does and the user's machine is not already running Cache Cleaner, then the Secure Access device does not map the user to that role.
- Resource policy—When a user requests a resource, the Secure Access device evaluates the resource policy’s detailed rules to determine whether or not Cache Cleaner needs to be installed or running on the user's workstation. The Secure Access device denies access to the resource if the user's machine does not meet the Cache Cleaner requirement.
To configure Cache Cleaner restrictions at the realm level:
- In the navigation tree, select Device Manager > Devices.
- Click the Device Tree tab, and then double-click the Secure Access device for which you want to configure global Cache Cleaner restrictions in realm level.
- Click the Configuration tab and select Users > User Realms > Select Realm > Authentication Policies > Cache Cleaner . The corresponding workspace appears.
- Configure the cache cleaner restrictions at the role level using the settings described in Table 1.
- Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.
Table 1: Configuring Cache Cleaner Restrictions Details at Realm Level
| Option | Function | Your Action |
|---|---|---|
| Files and Folders | ||
Cache Cleaner option | Specifies whether or not Cache Cleaner is running for the user to meet the access requirement. | Select one of the following options from the drop–down list:
|
To configure cache cleaner restrictions at the role level:
- In the navigation tree, select Device Manager > Devices.
- Click the Device Tree tab, and then double-click the Secure Access device for which you want to configure global Cache Cleaner restrictions at the role level.
- Click the Configuration tab and select Users > User Roles > Select Role > General > Restrictions > Cache Cleaner Restrictions. The corresponding workspace appears.
- Configure the Cache Cleaner restrictions at the role level using the settings described in Table 2.
- Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.
Table 2: Configuring Cache Cleaner Restriction Details at role level
| Option | Function | Your Action |
|---|---|---|
Require Cache Cleaner (must be loaded by the Realm) | Specifies Cache Cleaner to be running in order for the user to meet the access requirement. | Select the Require Cache Cleaner (must be loader by the Realm) check box to enable this option. |
To configure Cache Cleaner restrictions at the resource policy level:
- In the navigation tree, select Device Manager > Devices.
- Click the Device Tree tab, and then double-click the Secure Access device for which you want to configure global Cache Cleaner restrictions at the resource policy level.
- Click the Configuration tab and select Users > Resource Policies > Select Resource > Select Policy > Detailed Rules.
- Select or create the rule and configure the Cache Cleaner restrictions at the resource policy level using the settings described in Table 3.
- Click one:
- OK—Saves the changes.
- Cancel—Cancels the modifications.
Table 3: Configuring Global Cache Cleaner Restriction Detail at Resource Policy Level
| Option | Function | Your Action |
|---|---|---|
| General tab | ||
Name | Specifies the resource policy’s detailed rule name. | Enter the name. |
Action | Specifies the action to allow the Secure Access device to access the resource if the user's machine does not meet the Cache Cleaner requirement. | Select Allow or Deny from the drop–down list. |
Resources | Specifies the resource or a partial list of the resources. | Enter specific URL, directory path, file, or file type. |
Conditions | Specifies a custom expression in a detailed rule for the Secure Access device to determine whether or not Cache Cleaner needs to be installed or running on the user's workstation. | Enter the custom expression. |
