cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Security rule for domain computer

Hi team,

I'm running a cluster of 2 5400 SG and a SmartConsole, in R80.10, with Identity Awarness and  AD query for a MS Active Directory Domain.

I've created some Access Roles that match our AD groups.

But i'm confused with generic AD groups, like Domain Users and Domain Computers dynamic groups. And the Access role options : Any user/All identified users or Any machine/All identified machines.

For some reasons, some trafic have no source user name, so i'd like to set up security policies with the Access Role "Domain Computers", and no source user. Is there a way to do so ?

Thanks for any help !

 

 

1 Reply
Admin
Admin

Re: Security rule for domain computer

For "Domain Computers" I believe you can use "All Identified Machines" in the access role as that will only include machines explicitly identified in AD.
0 Kudos