Configure a secure access rule to control a user or device' sign-in or app access activity based on their risk scores or risks discovered in them.
When a user or device matches the criteria in a risk control rule, based on the actions configured, Trend Micro Vision One monitors the user or device's subsequent activity and takes action when the monitored activity occurs, for example, a user with a persistent high risk score attempts to sign in to a new browser session or access an internal app of your organization.
The available templates appear in the list. For more information about the templates, see Secure Access Rule Templates.
The rule configuration screen appears.
You can choose another rule template from the Rule template drop-down list. The configuration items vary with the template.
By default, the rule template name and description are displayed as the rule name and description.
You can also choose to enable or disable a rule on the Secure Access Rules screen after you create the rule.
In this release, only All devices is supported.
Options include:
Always: The rule takes effect all the time once created and enabled.
Custom: Customize the time and date when the rule takes effect.
Trend Micro Vision One applies the rule according to the current time zone specified for the Trend Micro Vision One console.
This determines the criteria on which users or devices hit the rule.
When a user or device matches the rule criteria, Trend Micro Vision One takes configured actions to control the user or device's subsequent sign-in or app access activity. For more information about actions, see Zero Trust Actions.
User Behavior |
Action |
---|---|
Sign-in attempt |
Whether to allow the user to sign in to a new application or browser session or continue with a currently active application or browser session Options include:
|
Internal app access |
Whether to allow the user to access your organization's internal apps configured on the Trend Micro Vision One console Options include:
|
Cloud app/URL access |
Whether to allow the user to access cloud apps and external URLs on the internet Options include:
|
Device Behavior |
Action |
---|---|
Isolate Endpoint |
Disconnects the target endpoint from the network, except for communication with the managing Trend Micro server product Important:
The Zero Trust Secure Access app sends the command to the Response Management app to take the action. Make sure that at least one of the following supported agents is installed on your devices: Trend Micro Vision One, Apex One as a Service, Cloud One - Workload Security. For more information, see Response Actions. |
Internal app access |
Allows or blocks use of the device to access your organization's internal apps configured on the Trend Micro Vision One console Options include:
Important:
Internal app access control in device-targeted rules applies only to devices deployed with the Secure Access Module. Make sure that you have deployed the Module to your devices and configured the Private Access Service in the Zero Trust Secure Access app. |
By default, this option is enabled.
The rule is successfully created and listed on the Secure Access Rules screen.