You can create application-specific policies to manage user access to specific Web and desktop applications.

Before you begin

  • Configure the appropriate network ranges for your deployment. See Add or Edit a Network Range.

  • Configure the appropriate authentication methods for your deployment. See Configuring User Authentication in VMware Identity Manager.

  • If you plan to edit the default policy (to control user access to the service as a whole), configure it before creating an application-specific policy.

  • Add the Web and desktop applications to the catalog. At least one application must be listed in the Catalog page before you can add an application-specific policy.

Procedure

  1. In the administration console Identity & Access Management tab, select Manage > Policies.
  2. Click Add Policy to add a new policy.
  3. Add a policy name and description in the respective text boxes.
  4. In the Applies To section, click Select and in the page that appears, select the applications that are associated with this policy.
  5. In the Policy Rules section, click + to add a rule.

    The Add a Policy Rule page appears.

    1. Select the network range to apply to this rule.
    2. Select the type of device that can access the applications for this rule.
    3. Select the authentication methods to use in the order the authentication method should be applied.
    4. Specify the number of hours an application session can be open.
    5. Click Save.
  6. Configure additional rules as appropriate.
  7. Click Save.