It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Configuring Access Control Service Objects

  • Last updated on

Access Control Policy rulesets can reference so-called Access Control Service Objects. Access Control Service Objects are attributes assigned to the client according to the policies configured in the Access Control Service Trustzone and work similarly to the objects available for Client-to-Site VPN in the Barracuda Network Access and VPN Client

ac_objects.png

Welcome Messages

Welcome messages can be used to display customized messages to welcome users to the corporate network, inform them about security policies, or display administrator contact details. For each policy rule, a different Welcome Message can be displayed to individual groups of users. In addition, Welcome Messages can be used to display localized messages. Each message is assigned to a language. According to the client's language settings, the localized message is displayed. The client will display the English-language message as a fallback.

ac_welcome.png

Pictures

Pictures assigned to clients are usually small bitmaps displaying the corporate logo. Sometimes they are also used to notify the users about special events.
Assigned pictures are displayed in the client after successfully connecting to the Access Control service.

Keep the size of your picture small because the picture will be transferred to all clients. Pictures larger than 167x90 pixels are automatically scaled down on the Barracuda NAC

ac_bitmap.png

Personal Firewall Rules

Barracuda Personal Firewall rules are explained in detail on the How to Configure Personal Firewall Rules on the CloudGen Firewall page.

ac_rules.png

Registry Check Objects

These objects enable administrators to define registry checks to be performed on the client. This allows registry keys and values to be validated, just like taking action in case of failed validation.
Available actions are Repair, Notify, or Fail. In case of a Fail, the Access Control service health validation will fail if the specified registry keys are not set appropriately. Notify generates appropriate log messages on the Barracuda CloudGen Firewall.

Important registry changes (e.g., the introduction of a new registry key) are only done for local machine authentication. Thus, users need to log off or reboot the client to activate these changes.
Registry values can also be verified and changed for user authentication.

ac_reg.png

To import a registry file, click the Clipboard icon on the right, top side of the Registry Check Rules table, select Replace With Registry Import and import the respective file.

ac_import.png

Access Control Service Objects provide a hierarchical override mechanism. Objects on cluster level that share the same name as global or range objects override the global definition(s). This mechanism works like the one using global firewall objects for the Barracuda CloudGen Firewall.