Seqrite HawkkProtect

Policies

Print Friendly, PDF & Email

Policies govern the connections that are attempted from users to applications. A policy prevents unauthorized users from accessing any applications. It also grants access to authorized users to access specific applications as required.
On this page, you can create policies for users and applications and publish them. If the policies are pushed to the gateway and successfully applied, the status is updated as published.

Policy Management 2.0.5

At the top of the page, few widgets display the count for All, Published, Draft, Publish Failed and Observe Policies.

Policy States

Policy State Description
Published A policy that is successfully configured and allows a user to access applications accordingly is a Published Policy.
Draft Administrator can create some policies that may not be implemented immediately or may be needed later. Such policies are saved as Draft Policies.
Publish failed If a policy fails to be applied to a site, it is a Publish Failed policy.

Observe

An administrator may want to monitor certain connection attempts. So, Administrator can create a policy with Observe mode on. This type of policy is an Observe policy.
Connections attempted under such policy will be allowed but will be represented with a different color on the Visibility page.

Further, the following details of all the existing policies are listed.

Column Name Description
IDENTIFIER Suitable identifier for the policy.
NAME Name of the policy.
STATUS Current status of the policy.
OBSERVE Denotes whether the connections allowed under the policy will be observed or not.
STATE Current state of the policy.
LAST UPDATED ON The date and time on which the policy was last updated.
WAF Configured To enable WAF rules for the policies.
Search To search policies by name.
Add Filter To add a filter. To know more, refer the Adding a filter to refine the view section on Visibility page.
Refresh Click the icon on the upper right corner to refresh the page.
Add Policy Click the Add Policy icon in the upper right corner to add a policy.

The policies can be sorted by name when you click the sorting symbol next to the NAME column.

Actions available with policies

When you hover over each policy, the following options appear on the right side next to the Last Updated On column.

Action Icon Action Label Description
Edit Edit To edit the details of the policy.
Delete Delete To delete the policy.
right arrow View and Edit details To view and edit the details of the policy.

Click a policy to view policy details in the right pane.

Fields Description
Identifier Policy Identifier.
Name Policy Name.
Status Current status of the policy.
Observe Whether connection is being observed or not.
State Current state of the policy.
Last Updated On The date and time on which the policy was last updated on.
Last Updated by The administrator who last updated the policy.
Description Policy description.
IdP Name The name of the identity provider.
Application Tags The tags applied on applications/ services according to which connection is allowed.
Enable/Disable To enable or disable the policy.
Observe To mark the connections allowed under the selected policy as ‘observed’ connection type.

Adding a policy

Adding a Zero Trust Policy

To add a Zero Trust Policy, follow these steps.

  1. Click the Add Policy button. The Add Zero Trust Policy page appears.
  2. Enter the following information in the Policy Information section.

    • Enter the identifier for the policy.
    • Enter the policy name.
    • Select On or OFF under Observe.
      This indicates whether the connections allowed under this policy are marked as Observed on Visibility page.

    • Enter the detailed description of the policy.

  3. Enter the following information in the Allow Rule section.

    • Select the any one of the local or external prominent identity providers.
    • Enter the user tags.
      These are the tags applied on user from where the connection is established.
    • Enter the application Tags.
      These are the tags applied on applications where the connection is received.
    • Enter the user exception tags.
      Based on connection requirement, these tags will exclude users to whom available source tags are applicable.

      Note:
      The Application and User Tags are fetched from the centralized HawkkEye Tags. Please refer
      HawkkEye Tags for more details.

  4. After entering this information, you can click Save as Draft or Add policy as required.

Adding a Firewall Policy

To add a firewall policy, follow these steps.

  1. Enter the identifier for the policy.
  2. Enter the policy name.
  3. The default mode is selected as Blocked by default.
  4. Select On or OFF under Observe.
    This indicates whether the connections blocked under this policy are marked as Observed on Visibility page.
  5. Enter the detailed description of the policy.
  6. Select the applications to which you want to apply the policy.
  7. Enter the Blocked IP list. You can add a single IP address or multiple IP addresses, or subnets as required. All these addresses must be separated by a comma.
  8. Enter the Allowed IP addresses/ list.
  9. Select the list of Blocked countries from where the connections are originating.
  10. Enter the common application parameters as required.
  11. After entering this information, you can click Save as Draft or Add policy as required.

Adding a DDoS Policy

To add a DDoS policy, follow these steps.

  1. Enter the identifier for the policy.
  2. Enter the policy name.
  3. Enter the detailed description of the policy.
  4. Select the applications to which you want to apply the policy.
  5. Select the Rate-Limiting Scope (whether the DDoS Rule should be applied on the basis of origin IP address or destination applications.) either IP Address or Application.
  6. Enter time in seconds for Time Frame for which the number of connections will be calculated.
  7. Enter the number of requests that will be allowed for the specified Time Frame. If the number of requests exceeds this number, then the connections will be blocked.
  8. Enter the allowed IP address list.
  9. Enter the common application parameters as required.
  10. After entering this information, you can click Save as Draft or Add policy as required.

Example 1
Adding a firewall policy for restricting a user
If you want to block traffic originating from a user with particular source IP address and country, follow these steps.

  1. Log on to Seqrite HawkkProtect portal. Navigate to Policy Management in the left pane.
  2. Click the Firewall tab at the top.
  3. Click the Add Policy button.
  4. Enter the identifier and name as required.
  5. Enter the source IP address as 35.123.23.21. You can enter more IP addresses or subnets if you wish to.
  6. Enter the exceptions IP addresses (Whitelisted IP Address), if any.
  7. Select the applications to which you want to apply the policy.
  8. From the list of countries, select China.
  9. From the common application parameters, select custom path.
  10. Add the value as admininfo.
  11. After this is done, click Add Policy.

After this policy is applied, a user with source IP 35.123.23.21 and source country China will not be able to access configured application with custom path /admininfo (eg: www.example.com/admininfo if example is the selected application).

Was this page helpful?
Yes No