Associating other policies with access control

Use an access control policy's advanced settings to associate one of each of the following subpolicies with the access control policy:

  • Prefilter policy—Performs early traffic handling using limited network (layer 4) outer-header criteria.

  • SSL policy—Monitors, decrypts, blocks, or allows application layer protocol traffic encrypted with Secure Socket Layer (SSL) or Transport Layer Security (TLS).

  • Identity policy—Performs user identification based on the realm and authentication method associated with the traffic.

Before you begin

Before associating a decryption policy with an access control policy, review the information about TLS server identity discovery in TLS server identity discovery.

Procedure

Step 1

In the access control policy editor, click the Advanced tab .

Step 2

Click Edit (edit icon) in the appropriate policy settings area.

If View (View button) appears instead, settings are inherited from an ancestor policy, or you do not have permission to modify the settings. If the configuration is unlocked, uncheck Inherit from base policy to enable editing.

Step 3

Choose a policy from the drop-down list.

If you choose a user-created policy, you can click the edit icon that appears to edit the policy.

Step 4

Click OK.

Step 5

Click Save to save the access control policy.

What to do next

  • Deploy configuration changes.