Policy modeling tool

Admins can create multiple policies and assign these policies to multiple applications. As a result, it might become difficult for admins to understand the application access results for their end-users; that is if the end-user is allowed or denied access based on the application and access policy configurations. The policy modeling tool (Access policies > Policy modeling) helps resolve these issues by giving the administrators full visibility into the expected application access result (allowed/allowed with restriction/denied). Admins can check the access results for specific users and add user conditions such as device type, device posture, geo-location, network location, user risk score and workspace URL. The tool also displays the list of policies and rulenames associated with the applications.

To analyze the access policy configuration, perform the following steps.

  1. In the Secure Private Access console, click Access Policies and then click the Policy modeling tab.
  2. Add the following details:
    • Device type: Select the device type of the end user. (Desktop is selected, by default.)
    • Domain: Select the domain associated with the user.
    • User: Select the user name for which you want to analyze the applications and associated policies.
  3. You can also simulate a set of conditions/constraints on the end user and their devices.
  4. Click Simulate conditions.
  5. Select the condition (Device posture, Geo-location, Network location, User risk score and Workspace URL) and then select the associated value.
  6. Click the + sign to add additional conditions.
  7. Click Apply.

The applications, associated policies and rules for the selected user are displayed in a tabular format.

Policy modeling

Policy modeling tool

In this article