To protect your organization and users against today's ever more sophisticated cyber security threats, you can create User/Administrator-based sign-in policies in Timus Manager that automatically respond to any predefined risk level.
This article shows administrators how to create Timus ZTNA's behavior-based administrator sign-in policies and apply them to your network.
On the Admin Sign-in Policies page, you can view the following, from left to right:
- You can easily navigate the page, view and configure policies using the Search filter located in the page's upper-left corner.
- You can create custom policies for admins by clicking the Create Admin Sign-in Policy button on the right side of the page.
- In the area on the page with the default and custom policies, you can get general information about the policies, such as Name, Description, and Status.
- The total number of policies defined in your network is displayed just below.
- By clicking the ellipsis icon at the end of the general details of a policy:
  - You can Edit the policy and easily create a new policy with the Copy feature.
  - You can Deactivate and Delete the policy.
  - You cannot Deactivate or Delete the default administrator sign-in policy.
If you want to create a new Administrator Sign-In/Login Policy, follow the steps below:
- Go to Timus Manager > Zero Trust Security > Admin Sign-in Policies.
- Click the Create Admin Sign-in Policy button on the right side of the page to display a pop-up with the following tabs:
- Alerts & Notifications
On the Source tab,
- You must first enter a Name and Description for the policy you are about to create.
For example, Default Administrator Sign-in Policy
Default Administrator Sign-in Policy for High-Risk Attempts
- Click on Select and choose an Administrator.
- If needed, you can select multiple administrators to apply the policy to.
- Click on Save.
On the Condition tab,
- Set Risk Level as Any, High, Medium, or Low.
- Click on Behavior in bold just below.
- Click Add Behavior and decide which behavior will trigger the policy from the drop-down list.
- Choose a Behavior.
- You can set multiple behaviors to trigger the policy.
- If you click on the information icon to the left of the line, you can view the short description of that behavior.
- If you want to set the time, click Schedule.
  You can set the day(s) and start/end date here.
In the Action tab,
Decide what action the system should take when a behavior triggers the policy. The actions defined in the system are as follows:
- MFA Authenticator App
- Deny and Block IP
You can set multiple actions for multifactor authentication with Timus ZTNA.
The actions you select are numbered in the tab shown on the left.
- Select an Action from the drop-down list.
- If you choose the MFA- Authenticator App and MFA- Email actions, which have multifactor authentication capability, you will see the Add More Actions button on the screen.
- This way, in a scenario where the first authentication step fails, you can enable another action for login attempts and send two-factor authentication setup instructions to administrators.
On the Alerts and Notifications tab, you can configure the policy to send Alerts and Notifications each time it is triggered.
- Enter a Title for the policy alert.
- Set the Severity of the alert. Severity can be defined as High, Medium, or Low.
- Set Status ON to enable the alert.
- Specify which Result Conditions will raise an alert. Conditions can be Successful, Failed, or Timeout.
- Click Notification, shown in bold. Enter a Title for the notification.
- Set the Severity of the notification. Severity can be defined as High, Medium, or Low.
- Set Status ON to enable the notification.
- Decide which Result Conditions will trigger a notification. Conditions can be Successful, Failed, or Timeout.
- If necessary, check Notify Administrators Matching Conditions to have the system notify the policy-bound user.
- If necessary, enter Recipients for the notifications to be generated:
- Choose a recipient type: this can be one of your Admin(s) or an External user.
More than one recipient can be assigned to the policy.
- When Admin is selected as the recipient type, all administrators defined in the system are listed by name, and you can also select All Administrators here.
- When External is selected, enter a Name and E-Mail Address.
- Click +Add and view the recipients' information, such as Name, Type, and E-Mail Address, below.
- Clicking Delete at the end of the line deletes the recipient.
- By clicking on Save, you will have created your first Admin Sign-in Policy with Timus ZTNA.
To edit the default policy, open the Admin Sign-in Policies page, click the ellipsis icon in the default policy row, and select Edit from the drop-down list.
Then you can change the configuration of the default policy and reapply it to Timus ZTNA with your final configuration.
You can also create a similar but slightly different policy by using the Copy feature in this list.