-
-
WebSocket communication between VDA and Delivery Controller™
-
-
Migrate workloads between resource locations using Image Portability Service
-
-
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Policy sets
Policy sets are objects in Citrix DaaS™ that aggregates policies to allow for simplified, role-based access, and easy management. Once created, scopes and delivery groups are assigned to policy sets so that only authorized administrators can manage the policies that apply to their relevant users and machines.
Policy sets help you manage Citrix® policies more efficiently by organizing them into logical groups. When you assign a policy set to a delivery group, the delivery group uses only the policies in that set.
This section explains how policy sets behave, how to create and assign them, and how they interact with scopes and filters.
Benefits
Policy sets offer several key benefits:
- Role-based access control for distributed administrator teams
- Simplified mergers, acquisitions, and consolidations
- Limited fault domain
- Multitenant support for policies
The following table compares how policies work with and without policy sets:
| Without policy sets | With policy sets |
|---|---|
| All policies, settings, filters (assignments), and priorities are managed in one central location. | Each policy set has its own settings, filters (assignments), and priorities. |
| If you manage one policy, you must manage every policy. | Full administrators can delegate to lower-level admins the ability to manage a particular policy set on an individual basis. |
| Policies in large and distributed environments become complex and difficult to manage. | Policies in large and distributed environments can be divided and managed easily. |
How policy sets work
Policy sets are assigned to delivery groups and scoped to specific administrators. Policies within a set continue to use filters (assignments) to determine which users or machines they apply to.
Key behaviors:
- Policy sets are assigned to delivery groups
- A delivery group can use only one policy set at a time.
- A policy set can be assigned to multiple delivery groups.
- If a delivery group doesn’t have a policy set assigned, it uses Default Policy Set.
- Filters on policies still apply, regardless of whether the policy is in a set.
- A policy set can have one or multiple scopes.
- A scope represents a collection of objects (for example, connections, catalogs, delivery groups, and application groups) that administrators can manage.
- As administrators, you can define the scope of the policy set so that only authorized administrators can view or edit it. You can set scopes during policy set creation or when editing the set later.
Policy filters and assignments work the same way as they do without policy sets. For more information, see How do filters get applied.
Enable policy sets
In Studio, go to Settings > Site settings and turn on the Policy sets setting.
Note:
- You must enable policy sets before creating a policy set.
- When you enable policy sets, all existing policies are grouped into Default Policy Set. This set is automatically assigned to all delivery groups unless you assign a different set. After a new policy set is assigned to a delivery group, that group stops using the default policy set.
Create policy sets
You can create policy sets to mirror logical divisions in your administrator team and company. For example, you can create a policy set for each geographic region, business-unit, or for specific use case.
You can create policy sets in two ways:
Alternatively, you can use the Citrix DaaS REST APIs to create and manage policy sets. For more information, see How to create a policy set in Citrix DaaS.
Create policy sets from scratch
- In Studio, select the Policies node in the left pane.
- Click the Policies tab.
- Select Create Policy Set.
- Click the Name and Description tab, and enter the name and description for the policy set.
- Click the Assignments tab, and select one or more delivery groups.
- Click the Scopes tab, and select the scopes that define the objects that the policy set can apply to.
- Click Create to finish.
Clone policy sets
- In Studio, select the Policies node in the left pane.
- Click the Policies tab.
- Select Clone Policy Set.
- Update the name of the policy set.
- Update or create assignments for the policy set and click Next.
- Select or clear policies to include in the cloned policy set.
- Update the scope of the policy.
- Click Create.
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.