Zero Trust Policy
      Back to home
      1. Knowledge Base
      2. Zero Trust Security
      3. Zero Trust Policy

      Create an Administrator Sign-In Policy

      To protect your organization and users against today's ever more sophisticated cyber security threats, you can create User/Administrator-based sign-in policies in Timus Manager that automatically respond to any predefined risk level.

      Timus ZTNA's policies offer a unique and improved access control method to scale your business without compromising on the foundations of your network security:

      Infrastructure
      Application and Data
      User and Device

      This article shows administrator how to create Timus ZTNA's behavior-based administrator sign-in policies and apply them to your network.

       

      On the Admin Sign-in Policies page, you can view the following left to right:

      • You can easily navigate the page, view and configure policies using the Search filter located in the page's upper-left corner.
      • You can create custom policies for admins by clicking the Create Admin Sign-in Policy button on the right side of the page.
      • In the area on the page with the default and custom policies, you can get general information about the policies, such as Name, Description, and Status.
      • The total number of policies defined in your network is displayed just below.

      Timus-Manager admin sign in policies

      • By clicking the ellipsis icon at the end of the general details of a policy:
        You can Edit the policy and easily create a new policy with the Copy feature.
        You can Deactivate and Delete the policy.

      You cannot Deactivate or Delete the default administrator sign-in policy. 


      Timus-Manager configuration sign-in policies

      If you want to create a new Administrator Sign-In/ Login Policy, follow the steps below:

      1. Go to Timus Manager> Zero Trust Security> Admin Sign-in Policies.
      2. Click the Create Admin Sign-in Policy button on the right side of the page and display the pop-up on the screen with the following tabs:
      • Source
      • Condition
      • Action
      • Alerts & Notifications

      Timus-Manager create admin policy
      On the Source tab, 

      1. You must first enter a Name and Description for the policy you are about to create.
        For example, Default Administrator Sign-in Policy 
        Default Administrator Sign-in Policy for High-Risk Attempts
        Timus-Manager default admin1
      2. Click on Select and choose an Administrator.
      3. If needed, you can select multiple administrators to apply to the policy.
      4. Click on Save.

      Timus-Manager create admin signin 

      On the Condition tab, 

        1. Set Risk Level as Any, High, Medium, or Low.
        2. Click on Behavior in bold just below.
        3. Click Add Behavior and decide which behavior will trigger the policy from the drop-down list.  
        4. Choose a Behavior.
        5. You can set multiple behaviors to trigger the policy.
        6. If you click on the information icon to the left of the line, you can view the short description of that behavior.

          Timus-Manager create admin condition
        7. If you want to set the time, click Schedule.
          You can set the day(s) and start/ end date here.

      Timus-Manager schedule behavior

      In the Action tab,

      Decide what action the system should take when a behavior triggers the policy. The actions defined in the system are as follows: 
      1. AllowTimus-Manager behaviors admin
      2. Deny
      3. MFA-Email
      4. MFA Authenticator App
      5. Deny and Block IP

      You can set multiple actions for multifactor authentication with Timus ZTNA.

      The actions you select are numbered in the tab shown on the left.

      1. Select an Action from the drop-down list.
      2. If you choose is MFA- Authenticator App and MFA- Email actions with multifactor authentication capability, you will see the Add More Actions button on the screen.
      3. So, in a scenario where the first authentication step fails, you can enable another action for login attempts and send two-factor authentication setup introductions to administrators

      Timus-Manager action admin
      Timus-Manager action admin 2

       

      On the Alerts and Notifications tab, you can configure the policy to send Alerts and Notifications each time it is triggered.

      1. Enter a Title for the policy alert. 
      2. Set the Severity of the alert. Severity can be defined as High/ Medium or Low.

        Timus-Manager severity
      3. Set Status ON to enable the alert.
      4. Specify which Result Conditions will be given an alert. Conditions can be Successful/ Failed or Timeout.

        Timus-Manager admin alert
      5. Click the bold written Notification. Enter a Title for notification.
      6. Set the Severity of notification. Severity can be defined as High/ Medium or Low.

        Timus-Manager severity
      7. Set Status ON to enable the notification.
      8. Decide which Result Conditions will receive notification. Conditions can be Successful/ Failed or Timeout.
      9. If necessary, check Notify Administrators Matching Conditions to have the system notify the policy-bound user.
      10. If necessary, enter a Recipients for the notifications to be generated,
      11. Choose a recipient type: This can be one of your Admin(s) or an External user.
        More than one recipient can be assigned to the policy.
      12. When the administrator is selected, all administrators defined in the system are listed by name, and you can also select All Administrators in here.
      13. When External is selected, enter a Name and E-Mail Address.

        Timus-Manager external user
      14. Click +Add and view administrators' information, such as Name/ Type and E-Mail Address below.
      15. Clicking Delete at the end of the line deletes the recipient.
      16. By clicking on Save, you will have created your first Create Admin Sign-in Policy with Timus ZTNA.

      Timus-Manager admin notif alert

      When you open the page, click the ellipsis icon in the default policy row and select Edit from the mini drop-down list.

      Then you can change the configuration of the default policy and reapply it to Timus ZTNA with your final configuration. 

      Timus-Manager default admin

      Also, you can create a similar but slightly different policy: If needed, use the Copy feature in this list.

      Timus-Manager copied admin