Create a Dynamic Access Policy Record

A dynamic access policy (DAP) can contain multiple DAP records, in which you configure user and endpoint attributes. You can prioritize the DAP records within a DAP so that the threat defense can select and sequence the required criteria when a user attempts a VPN connection.

Procedure


Step 1

Choose Devices > Dynamic Access Policy.

Step 2

Edit an existing dynamic access policy or create a new one and then edit the policy.

Step 3

Specify the Name for the DAP record.

Step 4

Enter the Priority for the DAP record.

The lower the number, the higher the priority.

Step 5

Select one of the following actions to take when a DAP record matches:

  • Continue—Click to apply access policy attributes to the session.

  • Terminate—Select to terminate the session.

  • Quarantine—Select to quarantine the connection.

Step 6

Check the Display User Message on Criterion Match check box and add the user message.

The threat defense displays this message to the user when the DAP record matches.

Step 7

Check the Apply a Network ACL on Traffic check box and select the access control list from the drop-down list.

Step 8

Check the Apply one or more Secure Client Custom Attributes check box and select the custom attributes object from the drop-down list.

Step 9

Click Save.