Default Settings for Private Access Rules

You can choose default settings that will automatically populate newly created access rules by default.

Configure these settings on the Rule Defaults page: Navigate to Secure > Access Policy, click Global Settings and Rule Defaults, then click the Rule Defaults tab.

The following settings apply to private access rules:

  • Zero Trust Connection Endpoint Posture Profiles
    Posture profiles specify end-user device requirements when connecting to private resources using zero-trust access. Specify default requirements for connections from devices on which the Cisco Secure Client is installed and from devices on which the client is not installed.
    When choosing default posture profiles, keep in mind that if endpoints do not meet the requirements specified in the profile selected in a rule, the rule will not match the traffic.
    For more information about these posture profiles, see Manage Zero Trust Access Posture Profiles.
  • Zero Trust Access: User Authentication Interval
    Specify the frequency with which end user must sign in to the network, in order to connect to any private resource using client-based zero trust access. When disabled, users are not prompted to re-authenticate to the network.
    For details, see Network Authentication for Zero Trust Access.
  • Intrusion Prevention (IPS) Profile
    Specify the traffic-inspection behavior to use by default in new access rules.
    Important!! This setting applies to both private access rules and internet access rules.
    For more information about IPS Profiles, see Manage IPS Profiles.

The other settings on the Rule Defaults page apply only to internet access rules.

To edit default settings, see See Edit Rule Defaults and Global Settings.



Choose rule defaults carefully; changing these settings later may impact existing rules. See Important Information About Changing Rule Defaults.

Components for Private Access Rules< Default Settings for Private Access Rules > Add a Private Access Rule