3 identity matching - advanced – Barracuda Networks VERSION SP4 User Manual

Page 32

Advertising
background image

30 Server Config – Access Control Service

2.4.3

Identity Matching - Advanced

Fig. 2–11 Access Control Service Trustzone - Rules - Identity Matching Advanced

List 2–22 Access Control Service Trustzone - Rules - Identity Matching Advanced – section Advanced Identity Matching

Parameter

Description

MAC Addresses

Enter MAC addresses here. Patterns may be used.

Microsoft
Machine SIDs

Enter Microsoft Machine SIDs here. A SID is a - from the Microsoft OS generated - world wide unique machine identifier. The SID is
visualized in the Access Control Server’s access cache. Patterns may be used.

List 2–23 Access Control Service Trustzone - Rules - Identity Matching Advanced – section Certificate Conditions

Parameter

Description

x509 Subject

Enter X.509 subject name patterns here (for example, CN=name-*, O=my-company). The X.509 subject of the clients authentication
certificate must match at least one of these patterns.
Note:
Certificate authentication is only possible in Local machine and basic user authentication.

x509 Issuer

Enter X.509 issuer name patterns here (e.g CN=name-*, O=my-company). The subject of the issuer of the clients certificate must
match at least one of these patterns.
Note:
Certificate authentication is only possible in Local machine and basic user authentication.

x509
Altnames

Enter X.509 alternative name patterns here (IP:10.0.10.*). The subject alternative name of the clients authentication certificate must
match at least one of these patterns.
Note:
Certificate authentication is only possible in Local machine and basic user authentication.
The subject alternative name is prepended by its type (for example, "email:" or "IP:")

Advertising