I am new to identity awareness. I have implemented identity collector with AD and LDAP connectivity from the GWs. I have an existing network rule that has normal source / destination hosts and network objects in them. I added an access role to the 'destination' column, and the policy verification fails stating " 'Destination' column of the rule contains both Access Roles and network objects".
1. Why can't network objects and access roles co-exist in the same column?
2. What is the best practice for deploying these rules? Do I have to create an identical rule with the source / services, and put just the access role in for the destination?
R80.20 / JHFA 87