Create a network access control policy Skip Navigation

Create a network access control policy

Define your private network.
The network access control tab is not available if your tenant is enabled for ACL.
  1. On the menu bar, click
    Policies > User Policy
    .
  2. Click the
    Network Access Control
    tab.
  3. Click
    Add Policy
    .
  4. Type a name and description for the policy.
  5. To specify public Internet destinations that you want to block access to, select
    Blocked Network Connections
    , then click The Add icon.
  6. Perform one of the following actions:
    Task
    Steps
    Block access to a network service.
    1. Select
      Network Services
      .
    2. Select one or more network services from the list.
    3. Click
      Add
      .
    Block access by IP address or CIDR.
    1. Select
      IP addresses / IP ranges / CIDRs
      .
    2. Type the addresses that you want to block.
    3. Click
      Add
      .
    Block access by FQDN.
    1. Select
      FQDNs
      .
    2. Type the addresses that you want to block. Wildcards are not supported.
    3. Click
      Add
      .
    If you specify blocked Internet destinations using FQDNs, a destination may become temporarily available to some users if its IP address changes and either the FQDN has been resolved and cached on the device or the IP address is used directly.
  7. To specify destinations on your private network that you want to allow access to, select
    Allowed Network Connections
    , then click The Add icon.
  8. Perform one of the following actions
    Task
    Steps
    Allow access to a private network service.
    1. Select
      Network Services
      .
    2. Click
      Allowed network connections
      and select one or more network services from the list.
    3. Click
      Add
      .
    Allow access by IP address or CIDR.
    1. Select
      IP addresses / IP ranges / CIDRs
      .
    2. Type the addresses that you want to allow access to.
    3. Click
      Add
      .
    Allow access by FQDN.
    1. Select
      FQDNs
      .
    2. Type the addresses that you want to allow access to. Wildcards are not supported.
    3. Click
      Add
      .
  9. Click
    Add
    to save the policy.