Parameter description – Barracuda Networks VERSION SP4 User Manual

Page 31

background image

29 Barracuda NG Network Access Client - Administrator’s Guide

List 2–21 Access Control Service Trustzone - Rules - Identity Matching Basic – section Basic Matching



Policy Matching • All-of-following

• One-of-following

Set this option to


if all of the identity matching parameters (basic and advanced), except the empty ones, must

match for a successful identity verification. If just one field does not match, the identity is not verified successfully within this policy
rule and the health match process will proceed with the next policy rule in the policy rule set.

Set this option to


effects that the identify verification succeeds if just one field matches.

Fields left empty will be ignored in both cases.
All string comparison is done case insensitive.

For all of the following identify matching fields applies that just one value of each field must match, for example if more than one
group patterns are defined, it is necessary that at least one user group must match at least on defined group pattern.

Group Patterns

Enter group patterns here. At least one user group must match at least one of these patterns for successful identity verification.
Be aware of using the right syntax for the group patterns: for example, MS Active Directory groups have be be entered as
distinguished name (for example CN=group-*, OU=my-unit,CD=mycompany,DC=at).

Net Bios

Enter the name of a NetBIOS Domain to match only users of a specific Domain.
Only available for "Current User" and "VPN" rule set

User [Login

Enter user name patterns here. A user name is the login name (without leading "DOMAIN\").


Enter networks here. The users peer address must be part of at least one of these networks.

Allowed OS

• Name
• OS Versions
• Service Pack Major Number
• Service Pack Minor Number
• Minimum Build Number
• Policy on OS

Define allowed or explicitly denied client OS version here. The

OS Versions

parameter needs to be one of the listed Microsoft

Windows Versions.

Service Pack Major Number

and the

Service Pack Minor Number

are the service pack numbers of the client OS.


Minimum Build Number

needs to be the OS build number and is checked only, if Policy on OS was set to



Possible values for Policy on OS field are

• Exact-This-One

the client OS must match OS Version, Service Pack Major Number, and Service Pack Minor Number.

• Explicit-Deny

If the clients OS matches OS Versions, Service Pack Major Number, and Service Pack Minor Number, then the current policy
rule will be ignored for the current match, and health evaluation process proceeds with the next policy rule in the policy rule

• This-One-Or-Newer

In this case, the client OS must be identically equal to OS version. The client OS service pack major and minor number and its
build number need to be equal or greater than those defined here.


Enter hostnames here. Patterns may be used.