Skip to main content

BlastShield Documentation

Create groups and policy

A group is a logical collection of endpoints, agents and/or users that are grouped together. Groups in BlastShield™ are independent of the underlying network segmentation which gives you flexibility to configuration micro-segmentation without having to rely on complex VLAN configuration. 

Groups are connected via policies, which form the foundation for BlastShield™ access control and segmentation management.

Policies are a simple way to grant users access to a protected asset by linking a group of users to a group of BlastShield™ Host Agents or Gateway endpoints.  Policies work using a simple ‘From’ and ‘To’ methodology which links a group of users to a group of agents.  You must install one BlastShield™ Agent on each server that you want to provide secure access to.

Summary

  1. Create a group for your users and a group for your Host Agents and/or Gateway endpoints.

  2. Create a policy to link the groups.

To learn how to create groups and policy, watch the following video or read the steps below.

Procedure
Create a group for your Host Agents/Gateway endpoints and a group for your user

  1. Select Groups from the left menu.

  2. Select Add New Group from the Group List.

  3. Enter a name for the new Group.

  4. To add members to the new group, click the Add Members button.

  5. The Add Group Members menu will open.

    1. To add users to the group, click the Users drop-down box and select the desired users which you want to add to new Group.

    2. To add Host Agents to the group, click the Agents drop-down box and select the desired Host Agents which you want to add to new Group.

    3. To add Gateway endpoints to the group, click the Endpoints drop-down box and select the desired Gateway endpoints which you want to add to new Group.

  6. Click Add Members to save the members.

  7. Click Save to save the new group.

  8. Repeat the above so that you have one group for your users and another group for your Host Agents or Gateway endpoints.

Create a policy to link your user group to your Host Agent / Gateway endpoint group.

  1. Select Policies from the left menu.

  2. Select"Add New Policy from the Policy List.

  3. Enter a name for the new Policy.

  4. Select desired From Groups to be associated with the new Policy.

  5. Select desired To Groups to be associated with the new Policy.

  6. Save the new Policy.

Now that the policy has been created, the users should be able to connect to your instance using your usual connection methods.

Tip

You can add multiple groups into the From and To fields of a policy

In this section: