Online Help Center Home
Privacy and Personal Data Collection Disclosure
- Pre-release Disclaimer
- Pre-release Sub-feature Disclaimer
Trend Vision One Data Privacy, Security, and Compliance
What's New
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- Release Notes
Introduction
- Trend Vision One
- Checking the Trend Vision One Service Status
  - SERVICE LEVEL OBJECTIVES FOR TREND VISION ONE (herein this “SLO”)
Getting Started
- Getting Started with Trend Vision One
- Getting Started with Vulnerability Assessment
Risk Insights
- Executive Dashboard
- Attack Surface Discovery
- Operations Dashboard
Dashboards and Reports
- Security Dashboard
  - Customizing the Security Dashboard
  - Protocol Groups in the Scanned Traffic Summary Widget
- Reports
XDR Threat Investigation
- Detection Model Management
- Workbench
  - Alert View
  - Incident View
- Search App
- Observed Attack Techniques
- Targeted Attack Detection
- Forensics and Analysis
- Managed Services
- Companion
Threat Intelligence
- Campaign Intelligence
  - Threat Information Screen
- Intelligence Reports
- Suspicious Object Management
  - Suspicious Object List
  - Exception List
    - Adding Exceptions
- Sandbox Analysis
- Third-Party Intelligence
  - TAXII Feeds
    - Configuring a TAXII Feed
  - MISP Feeds
Workflow and Automation
- Security Playbooks
- Response Management
  - Response Actions
  - Response Data
- Third-Party Integration
- API Automation Center
- Service Gateway Management
Zero Trust Secure Access
- Getting Started with Zero Trust Secure Access
- Secure Access Overview
- Secure Access Rules
- Secure Access Resources
- Secure Access History
- Secure Access Configuration
- Troubleshooting Zero Trust Secure Access
Assessment
- Cyber Risk Assessment
Endpoint Security Operations
- Endpoint Inventory 2.0
- Endpoint Inventory
  - Getting Started with XDR for Endpoints
  - Managing the Endpoint List in Endpoint Inventory 1.0
    - Endpoint List Settings in Endpoint Inventory 1.0
- Endpoint Policies
- Trend Cloud One - Endpoint & Workload Security
Endpoint Security Operations (for Standard Endpoint and Server & Workload Protection)
- Getting Started with Trend Vision One Endpoint Security
- Endpoint Inventory
- Standard Endpoint Protection
- Server & Workload Protection
Cloud Security Operations
- Trend Vision One Container Security
- XDR for Containers
  - Getting Started with XDR for Containers
Network Security Operations
- Network Inventory
- Network Intrusion Prevention
Email Security Operations
- Email Account Inventory
  - Email Sensor Management
Mobile Security Operations
- Getting Started with Mobile Security
- Using Mobile Security in Conjunction with MDM Solutions or Azure AD
- Using Mobile Device Director
Service Management
- Product Connector
  - Connecting a Product
  - Required Settings on Supported Products
- Product Instance
- Cloud Accounts
Account
- User Accounts, Roles, and Single Sign-On (Legacy)
- User Accounts, Identity Providers, and User Roles (July 2023 update)
- Notifications
- Audit Logs
  - User Logs
    - User Log Data
  - System Logs
    - System Log Data
- Console Settings
- License Information
- Credit Usage
- Support Settings
  - Enabling Hypersensitive Mode
Getting Help and Troubleshooting
- Help and Support
  - Creating a Support Case
- Self-Diagnosis

Creating a Private Access Control Rule

Configure a private access control rule to control access to your organization's internal apps based on user, device, time, and location.

Note:

Trend Vision One automatically creates a default private access rule to apply whenever no other private access rules are matched. The default rule blocks all access to configured internal apps.

On the Secure Access Rules screen, click the Private Access Control tab and then click Create Rule.
The rule configuration screen appears with the Internal app access rule template selected.
Specify a unique name and a description for the rule.
(Optional) To enable or disable the rule, click the toggle next to Status.
Tip:
You can also enable or disable rules on the Secure Access Rules tab.

Configure the following rule factors.

Rule Factor	Description	Options
Source	The users, devices, and locations that the rule applies to	User/user groups Specify users and groups from your IAM system. Note: If you have configured more than one IAM system, the IAM system with SSO enabled applies.
		Device posture profile Select the device posture profile to include devices in the rule enforcement. Note: This option only applies to private access initiated with the Secure Access Module. This means that end users can launch their allowed browser access enabled applications from the user portal, regardless of the security posture of the their devices. To add a device posture profile, click Add customer device posture profile.
		Locations Specify public/home network locations defined by IP address groups or geographic regions. Locations identify roaming users, such as users connecting to public Wi-Fi networks or working from home. Tip: To define a new public/home network location using one or more IP addresses, click Add public IP address group.
Destination	The internal apps that the rule applies to	Applications Specify previously configured internal applications. Tip: To add an internal app, click Add Internal Application on the Select Apps screen. For more information, see Adding an Internal Application to Private Access.
Schedule	The weekly period that the rule is applied	To configure the recurrence of the schedule, select Only apply the rule during the specified period, and then select a start date and end date. Note: The schedule uses the defined time zone of the console.
Action	The action taken when the rule is triggered	Access control Allow, block, or monitor access to internal applications. Note: Select Monitor Internal App Access to allow the internet access but log the activity. For more information about actions, see Zero Trust Actions.

Click Save.
The rule is successfully created and listed on the Private Access Control screen.