Policy Manager FAQs

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search

When should I create a new policy?

You should create a new policy when you want to apply different rules to different users. For more information, see Deciding When To Use Multiple Virtual Policies.

Can I use my existing Active Directory groups to create policies for different groups of users?

Yes, if you're using Directory Connector to authenticate against Active Directory you can create policies by username or group name. Simply set up the policy to your liking, click Users, and you will be able to select your users and groups from the list.


I'm using Untangle's OpenVPN application, do I need to create racks for the VPN users?

You do not have to create extra virtual racks to use OpenVPN; by default its traffic will go through the Default Rack. You can use the Firewall to allow or deny VPN users access to resources, or if you prefer you can create a new rack only for OpenVPN users. Furthermore, if you do not want OpenVPN traffic filtered at all, create a rule for all OpenVPN clients and select "No Rack" as the target rack.

I only want to scan inbound email traffic, not outbound. Do I need to create a new rack?

No - by default, outbound email traffic is not scanned. If you would like it to be, this option is available in Spam Blocker, however we highly recommend against it.