Reference: Access Policies and Applicable Policy Items¶
The policy items that can be configured depend on the policy type and the macro (sub-policy) you are adding to the policy. Not all items are applicable for each of them. BIG-IP Next Access supports configuring the following policies and sub-policies:
Per-session policy
Per-session policy macro
Per-request policy
Per-request policy macro
Per-request policy subroutine
Per-request policy subroutine macro
The table below shows the policy items and the policy or sub-policy types they are applicable.
Policy Items | Per-Session Policy | Per-Session Macro Policy | Per-Request Policy | Per-Request Macro Policy | Per-Request Subroutine Policy | Per-Request Subroutine Macro Policy |
---|---|---|---|---|---|---|
Active Directory Authentication | Applicable | Applicable | Applicable | |||
Active Directory Query | Applicable | Applicable | Applicable | |||
Advanced Resource Assign | Applicable | |||||
Allow | Applicable | Applicable | ||||
Antivirus Check | Applicable | |||||
Client Capability Check | Applicable | |||||
Client Certificate Inspection | Applicable | Applicable | Applicable | |||
Client Operating System | Applicable | Applicable | Applicable | |||
Client Type | Applicable | Applicable | ||||
Confirm Box | Applicable | Applicable | ||||
CRLDP AAA Server | Applicable | Applicable | ||||
CRLDP Authentication | Applicable | Applicable | ||||
Date Time | Applicable | Applicable | Applicable | |||
Decision Box | Applicable | Applicable | ||||
Deny | Applicable | |||||
Disk Encryption Check | Applicable | |||||
Applicable | Applicable | |||||
Empty | Applicable | Applicable | Applicable | Applicable | Applicable | Applicable |
Firewall | Applicable | |||||
Form-Based SSO | Applicable | Applicable | ||||
Geolocation Match | Applicable | Applicable | ||||
Hard Disk Encrytption | Applicable | |||||
HTTP Connector | Applicable | Applicable | Applicable | |||
HTTP 401 Response | Applicable | Applicable | ||||
HTTP 407 Response | Applicable | Applicable | ||||
HTTP Basic SSO | Applicable | Applicable | ||||
HTTP Header Modify | Applicable | Applicable | ||||
IP Geolocation Match | Applicable | Applicable | ||||
IP Subnet Match | Applicable | Applicable | Applicable | Applicable | ||
iRule Event | Applicable | Applicable | Applicable | Applicable | Applicable | Applicable |
Kerberos AA Server | Applicable | Applicable | ||||
Kerberos Authentication | Applicable | |||||
Kerberos SSO | Applicable | Applicable | ||||
Landing URI | Applicable | Applicable | ||||
LDAP AA Server | Applicable | Applicable | ||||
LDAP Authentication | Applicable | Applicable | Applicable | |||
Linux File Check | Applicable | |||||
LDAP Query | Applicable | Applicable | Applicable | |||
Linux Process Check | Applicable | |||||
Logging | Applicable | Applicable | Applicable | Applicable | ||
Logon Page | Applicable | Applicable | Applicable | |||
Mac File Check | Applicable | |||||
Mac Process Check | Applicable | |||||
Machine Certificate Inspection | Applicable | |||||
Machine Info Endpoint | Applicable | |||||
Macro Call | Applicable | Applicable | Applicable | Applicable | Applicable | |
Message Box | Applicable | Applicable | Applicable | |||
NTLM Auth Result | Applicable | Applicable | ||||
OAuth Bearer SSO | Applicable | Applicable | ||||
OAuth Client and Resource Server | Applicable | Applicable | ||||
OAuth Federation | Applicable | |||||
OAuth Provider | Applicable | Applicable | ||||
OAuth Scope | Applicable | Applicable | ||||
OCSP AAA Responder | Applicable | Applicable | ||||
OCSP Authentication | Applicable | Applicable | ||||
On-Demand Certificate Authentication | Applicable | Applicable | Applicable | |||
Patch Management | Applicable | |||||
Pool Assign | Applicable | Applicable | ||||
Public File Sharing | Applicable | |||||
RADIUS AAA Server | Applicable | Applicable | ||||
RADIUS Authentication | Applicable | |||||
Redirect | Applicable | Applicable | ||||
Reject | Applicable | |||||
SAML Attribute Match | Applicable | |||||
SAML Federation | Applicable | Applicable | Applicable | |||
Simple Terminal Out | Applicable | Applicable | Applicable | Applicable | Applicable | |
SSO Configuration Select | Applicable | |||||
SSO Credential Mapping | Applicable | Applicable | ||||
System Health Agent | Applicable | |||||
System Health Check | Applicable | |||||
URL Branching | Applicable | Applicable | Applicable | Applicable | ||
Variable Assignment | Applicable | Applicable | Applicable | Applicable | ||
Windows File Check | Applicable | |||||
Windows Info Endpoint | Applicable | |||||
Windows Process Check | Applicable | |||||
Windows Registry | Applicable |