Modifying an access policy group, Modifying an access policy group -46 – HP Identity Driven Manager Software Series User Manual

3-46

Using Identity Driven Manager
Defining Access Policy Groups

Figure 3-35. Access Rule with Endpoint Integrity options

Select the Endpoint Integrity option to use with the access rule, as described in the
following list.

For example, if you want to restrict access to a specific (remediation) VLAN when
the endpoint integrity check fails, create a Location that specifies the remediation
VLAN, then create an access rule that will put the user on that Location if the Host
Integrity value is FAIL.

Modifying an Access Policy Group

To modify an Access Policy Group:

Table 3-9.

Endpoint Integrity options

Select...

To apply the access rule...

ANY

Regardless of the status passed from the endpoint integrity system

PASS

In cases where the system the user is logged in on passes the endpoint
integrity check

FAIL

In cases where the system the user is logged in on fails the endpoint
integrity check

INFECTED

In cases where the system the user is logged in on has been identified
as infected by the endpoint integrity system

UNKNOWN

In cases where the system the user is logged has an endpoint integrity
status setting of “unknown”