To protect your organization and users against today's increasingly sophisticated cyber security threats, you can create User/Admin-based sign-in policies in Timus Manager that automatically respond to any predefined risk level.
|Application and Data|
|User and Device|
This article shows to an admin how to create Timus ZTNA's behavior-based, user sign-in policies and how to apply them to your network.
- You can easily navigate the page, view and configure policies quickly using the Search filter in the page's uper-left corner.
- You can create custom policies for users by clicking the Create User Sign-in Policy button on the right side of the page.
- In the area on the page with the default and custom policies, you can get general information about the policies, such as Name, Description, and Status.
- The total number of policies defined in your network is displayed just below.
- By clicking the ellipsis icon at the end of the general details of a policy:
You can Edit the policy and easily create a new policy with the Copy feature.
You can Deactivate and Delete the policy.
You cannot Deactivate or Delete the default user sign-in policy.
If you want to create a new User Sign-In/ Login Policy, follow the steps below:
- Go to Timus Manager> Zero Trust Security> User Sign-in Policies.
- Click the Create User Sign-in Policy button on the right side of the page and display the pop-up on the screen with the following tabs:
- Alert & Notifications
On the Source tab,
- You must enter a Name and Description for the policy you are about to create.
For example: Default User Sign-in Policy
Default User Sign-in Policy for High-Risk Attempts
- Click on Select in the row and select Source as User/Team/Device or IP.
- Enter a name according to the Source type you selected.
If needed, you can choose multiple sources to apply to the policy.
- Click on Save.
On the Condition tab,
- Decide which method to apply to the policy to authenticate the Source.
- Set Risk Level as Any, High, Medium, or Low.
- Click on Behavior in bold just below.
- Click Add Behavior and decide which behavior will trigger the policy from the drop-down list.
- Choose a Behavior.
You can set multiple behaviors to trigger the policy.
If you click on the information icon to the left of the line, you can view the short description of that behavior.
- If you want to set the time, click Schedule.
You can set the day(s) and start/ end date here.
In the Action tab,
Decide what action the system should take when a behavior triggers the policy. The actions defined in the system are as follows:
- MFA Authenticator App
- Deny and Block IP
- Ban and Block IP
You can set multiple actions for multifactor authentication with Timus ZTNA.
The actions you select are numbered in the tab as shown on the left.
- Select an Action from the drop-down list.
- If you choose is MFA- Authenticator App and MFA- Email actions with multifactor authentication capability, you will see the Add More Actions button on the screen.
- So, in a scenario where the first authentication step fails, you can enable another action for login attempts and send two-factor authentication setup introductions to users.
On the Alerts and Notifications tab, you can configure the policy to send an Alerts and Notifications each time it is triggered.
- Enter a Title for the policy alert.
- Set the Severity of the alert. Severity can be defined as High/ Medium or Low.
- Set Status ON to enable the alert.
- Specify which Result Conditions will be given an alert. Conditions can be Successful/ Failed or Timeout.
- Click the bold written Notification. Enter a Title for notification.
- Set the Severity of notification. Severity can be defined as High/ Medium, or Low
- Set Status ON to enable the notification.
- Decide which Result Conditions will receive notification. Conditions can be Successful/ Failed or Timeout.
- If necessary, check Notify Users Matching Conditions to have the system notify the policy-bound user.
- If necessary, enter a Recipients for the notifications to be generated,
- Choose a recipient type: This can be one of your Administrator(s) or an External user.
More than one recipient can be assigned to the policy.
- When administrator is selected, all admins defined in the system are listed by name, and you can also choose All Administrators here.
- When External is selected, enter a Name and E-Mail Address.
- Click +Add and view admin information below, such as Name/ Type and E-Mail Address.
- Clicking Delete at the end of the line deletes the recipient.
- By clicking on Save, you will have created your first Create User Sign-in Policy with Timus ZTNA.
When you open the page, click the ellipsis icon in the default policy row and select Edit from the mini drop-down list.
Then you can change the configuration of the default policy and reapply it to Timus ZTNA with your final configuration.
Also, you can create a similar but slightly different policy: If needed, use the Copy feature in this list.