Appendix b. policy priority – PLANET WSG-500 User Manual

127

Appendix B. Policy Priority

ƒ

Global Policy, Authentication Policy and User Policy

WSG-500 supports multiple Policies, including one Global Policy and 5 individual Policy can be
assign to different Authentication Server. Global Policy is the system’s universal policy and
applied to all clients, while other individual Policy can be selected and defined to be applied to any
Authentication Server. For some authentication, such as Local and RADIUS, user can be assigned to
different Policy individually. So one user may be applied different policy at the same time. Which policy
is actually applied to this user?

The Policy Priority are enforced as follows:

User Policy >> Authentication Policy >> Global Policy

Now, let us discus different user policy type:

¾

For Local and RADIUS, the users can be assigned to different Policy individually. For example, a
Local user, user01, is assigned to Policy1 and the Local Authentication is assigned to Policy2.
Then user01 login to Public Zone will get Policy1. This is a common case for users that can assign
Policy individually.

¾

For Local and RADIUS, if these users are not assigned any User Policy individually, they will be the
same as other users within the same authentication server. For example, a Local user, user01,
the Local Authentication is assigned to Policy3. Then user01 login to Public Zone will get Policy3.
This is another common case for users that is assigned Policy by the authentication server.

¾

If User is not assigned a Policy individually and the authentication server is also not assigned a
Policy, then the users will be applied the Global Policy. For example, a Local user, user01, is
assigned to None Policy and the Local Authentication is also assigned to None Policy in User list.
Then user01 logging to Public Zone will be applied with the Global Policy.

As a conclusion, the Global Policy has the lowest policy priority; on the other hand, the User Policy has
the highest one.