Access Policy Test Tools

To help system administrators manage access security policies more effectively, two test tools are available for the CyberEdge. The Domain/URL Checker and the Access Policy Test tools. The Domain/URL Checker allows administrators to quickly identify and verify the categorization of domains and URLs, ensuring accurate filtering controls. The Access Policy Test enables administrators to simulate and evaluate the impact of various access policies, ensuring security measures in place are both effective and efficient.

Domain/URL Categorisation Checker

The CyberEdge categorisation checker is a valuable tool for quickly identifying the categories of a domain or URL. This functionality is beneficial for creating new access policies, identifying potential categorisation issues and requesting a review of a domain or URL's categorisation. The system can assign up to three categories per domain or URL. To check the categorisation of a domain or URL go to;

1. Security Centre > Test Tools > Categorisation
2. Enter a Domain or URL
3. Click "Check Categories"

The list of categories associated with the domain or URL will be displayed. If a domain or URL is incorrectly categorized, you can request a review and potential update of the categorization. To recommend a proposed category change, complete the following steps;

1. Click "Request Recategorisation"
2. From the category list provided, select the proposed category recommendation
3. Click "Recategorise"

Requests for recategorization will be queued for review by the AI engine. If approved, the categorization change will be streamed to CyberEdge. Typically, requests are processed within 5 minutes to 24 hours, depending on the complexity of the request.

Access Policy Test

The Access Policy Test enables administrators to simulate and assess access policies. It helps determine which policy is responsible for blocking or allowing specific traffic based on various evaluation criteria, such as source IP, authentication provider, username, group, destination IP, domain, and application. To test your access policies go to;

1. Security Centre > Test Tools > Access Policy Test
2. Add the following inputs to test a policy:
   • Source IP: The source IP. This field is required for conducting access policy tests
   • Destination: Enter a domain or destination IP address to test. Destination supporrs domain, URL or IP address, including port. Examples: example.com, example.com:1234/example, 1.1.1.1, and 1.1.1.1:53.
   • Application: Specify an application to test
   • Authentication Provider: Specify an authentication provider where multiple providers may be configured
   • Username: The username to test
   • Group/s: The user group or groups to test
   • Protocol: The protocol of an access policy
3. Click "Test Policy"

The criteria provided will be used to evaluate access policies across all zones pair and the default protocol used will be TCP. Select an alternative protocol should you require specific protocol matching. The following output is displayed when using access policy test tool.

Info

• The Access Policy Test tool does not support Fast Path policies. This capability will be added in a future release
• The Access Policy Test tool does not support RoamSafe Agent policies. This capability will be added in a future release
• The Access Policy Test tool does not support Schedule criteria such as Time of Day and Date range. This capability will be added in a future release