Setting the Priority of Preauthentication Policies

You can have multiple preauthentication policies that are bound to different levels. For example, you have a policy that checks for a specific antivirus application bound to AAA Global and a firewall policy bound to the virtual server. When users log on, the policy that is bound to the virtual server is applied first. The policy that is bound at AAA Global is applied second.

You can change the order in which the preauthentication scans occur. To make NetScaler Gateway apply the global policy first, change the priority number of the policy bound to the virtual server, giving it a higher priority number than the policy bound globally. For example, set the priority number for the global policy to one and the virtual server policy to two. When users log on, NetScaler Gateway runs the global policy scan first and the virtual server policy scan second.

To change the priority of a preauthentication policy

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway and then click Virtual Servers.
  2. In the details pane, select a virtual server and then click Open.
  3. On the Policies tab, click Pre-authentication.
  4. Under Priority, type the priority number for the policy and then click OK.