This article shows administrator how to create Timus ZTNA's behavior-based administrator sign-in policies and apply them to your network.
Timus ZTNA's policies provide a distinctive and enhanced access control approach to expand your business while maintaining the fundamental aspects of your network security: Infrastructure, Application and Data, User and Device.
To protect your organization and users against today's ever more sophisticated cyber security threats, you can create User/Administrator-based sign-in policies in Timus Manager that automatically respond to any predefined risk level.
On the Admin Sign-in Policies page, you can view the following left to right:
- You can easily navigate the page, view and configure policies using the Search filter located in the page's upper-left corner.
The policies within Timus' Zero Trust Network Access (ZTNA) security framework are organized and prioritized by its place in the policy table. A policy, which is placed higher in the table, is more prioritized than the other Admin Sign-In policies.
It means that you are able to prioritize the Timus ZTNA rules by yourself.
- You can create custom policies for admins by clicking the Create Admin Sign-in Policy button on the right side of the page.
- In the area on the page with the default and custom policies, you can get general information about the policies, such as Name, Description, and Status.
- The total number of policies defined in your network is displayed just below.
- By clicking the ellipsis icon at the end of the general details of a policy: You can Edit the policy and easily create a new policy with the Copy feature. You can Deactivate and Delete the policy.
You cannot Deactivate or Delete the default administrator sign-in policy.
- Go to Timus Manager> Zero Trust Security> Admin Sign-in Policies.
- Click the Create Admin Sign-in Policy button on the right side of the page and display the pop-up on the screen with the following tabs:
- Source
- Condition
- Action
- Alerts & Notifications
On the Source tab,
- You must first enter a Name and Description for the policy you are about to create. For example, Default Administrator Sign-in Policy Default Administrator Sign-in Policy for High-Risk Attempts
- Click on Select and choose an Administrator.
- If needed, you can select multiple administrators to apply to the policy.
- Click on Save.
On the Condition tab,
- Set Risk Level as Any, High, Medium, or Low.
- Select the behaviors on which this policy will be applied. More than one can be selected.
- If you move your mouse over the new behavior, a pop-up text will appear displaying information about that specific behavior.
- If you want to set the time, click Schedule. You can set the day(s) and start/ end date here.
- Click Confirm.
When "All Selected Behaviors" is chosen, all selected behaviors such as Untrusted IPs, New Device, and Breached E-mail Address must be active simultaneously for the policy to take the action.
When "Any Selected Behavior" is chosen, at least one of the selected behaviors must be triggered the policy to take the action.
You can consider All Selected Behaviors like "AND &&" and Any Selected Behaviors like "OR ||" as in coding language.
Experience the user-friendly interface of Timus by hovering over the info icons on the policy creation screen:
When you add a behavior to the policy with the add behavior button on the screen and hover over that behavior, you can view the brief explanation about the behavior you added:
In the Action tab,
Decide what action the system should take when a behavior triggers the policy. The actions defined in the system are as follows:
- Allow
- Deny
- MFA-Email
- MFA Authenticator App
- Deny and Block IP
You can set multiple actions for multifactor authentication with Timus ZTNA.
The actions you select are numbered in the tab shown on the left.
- Select an Action from the drop-down list.
- If you choose is MFA- Authenticator App and MFA- Email actions with multifactor authentication capability, you will see the Add More Actions button on the screen.
So, in a scenario where the first authentication step fails, you can enable another action for login attempts and send authentication setup instructions to administrators who have not completed the setup process.
On the Alerts and Notifications tab, you can configure the policy to send Alerts and Notifications each time it is triggered.
- Enter a Title for the policy alert.
- Set the Severity of the alert. Severity can be defined as High/ Medium or Low.
- Set Status ON to enable the alert.
- Specify which Result Conditions will be given an alert. Conditions can be Successful/ Failed or Timeout.
- Click on Notification.
- Enter a Title for notification.
- Set the Severity of notification. Severity can be defined as High/ Medium or Low.
- Set Status ON to enable the notification.
- Decide which Result Conditions will receive notification. Conditions can be Successful/ Failed or Timeout.
- If necessary, check Notify Administrators Matching Conditions to have the system notify the policy-bound user.
- If necessary, enter a Recipients for the notifications to be generated,
- Choose a recipient type: This can be one of your Admin(s) or an External user. More than one recipient can be assigned to the policy.
- When the administrator is selected, all administrators defined in the system are listed by name, and you can also select All Administrators in here.
- When External is selected, enter a Name and E-mail Address.
- Click +Add and view administrators' information, such as Name/ Type and E-mail Address below.
- Clicking Delete at the end of the line deletes the recipient.
- By clicking on Save, you will have created your first Create Admin Sign-in Policy with Timus ZTNA.
- When you open the page, click the ellipsis icon in the default policy row and select Edit from the mini drop-down list.
- Then you can change the configuration of the default policy and reapply it to Timus ZTNA with your final configuration.
- Also, you can create a similar but slightly different policy: If needed, use the Copy feature in this list.
0 comments
Please sign in to leave a comment.