Access Control Rules enable you to apply network access permissions and restrictions based on defined rules. The rules can address network resources, a user's role or purpose in the organization, or the device type that is used to access the network. Network access control is dynamic. End-user network access can change as group associations change without a network administrator getting involved.
ExtremeCloud IQ Controller grouping is the building block for Access Control Rules. An Access Control Rule consists of one or more groups, a policy role definition, and an optional captive portal specification. The policy role that defines the access control action is specified in the Access Control Rule.
Through the use of group criteria, the Access Control Rule definition provides dynamic control over network access. Specify up to four group criteria from defined groups. The rule definition is a logical "And" of the group criteria. This structure allows for varied levels of granularity in the Access Control Rule definition.
Before configuring Access Control Rules, configure groups, policy roles, and captive portal definitions that you can use in a rule definition.