09-13-2021 01:23 PM
Hi
We know Policy set is a container containing authentication and authorization rules etc. each authentication and authorization policy also has Conditions option for us to fill out, but Policy Set also has Condition option that we use to define. How does this Policy set Condition work? Do you think Policy set condition is necessary?
Solved! Go to Solution.
09-14-2021 07:18 AM
@Leftz you don't need a condition on the default policy set. If you have more than one policy set you will need a unique condition to differentiate between the 2 policy sets.
09-13-2021 01:57 PM
@Leftz I generally use policy set conditions to distinguish between different connection scenarios, such as 802.1x Open Mode or 802.1x Closed More or Remote Access VPN etc. In a large complex environment, without having multiple Policy Sets you could have a overly complex Policy Set. By using multiple Policy Sets if the connection does not match the condition configured under the Policy Set, it will completely skip that Policy Set until it matches another, at which point it will process the associated authentication and authorisation rules. Depending on the size of your environment, using multiple Policy Sets will speed up the authentication/authorisation process.
09-14-2021 07:08 AM
Thank you Rob! Can I say in some situation, the condition in Policy set is not required?
09-14-2021 07:18 AM
@Leftz you don't need a condition on the default policy set. If you have more than one policy set you will need a unique condition to differentiate between the 2 policy sets.
09-15-2021 12:08 PM
Understood. Thank you Rob!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide