Page tree
Skip to end of metadata
Go to start of metadata

You can use PATROL Agent Access Control Lists (ACLs) to restrict user access to specific PATROL Agents. You can specify ACLs as objects in authorization profiles. Each ACL contains one or more conditions that identify specific Agents. If you do not specify a PATROL Agent ACL in an authorization profile, those users can access all PATROL Agents. 

Example

A PATROL Agent ACL that specifies "Host name matches .*.labs.acme.com" restricts the user to those PATROL Agents on systems that have host names ending with .labs.acme.com. Users associated with this authorization profile cannot access any PATROL Agents on other systems. 

PATROL Agent ACLs are not designed to segregate devices. You can set up monitoring policies to automatically segregate PATROL agents based on various criteria. For example, you can create a monitoring policy to monitor all PATROL Agents that run on Windows. For information about creating monitoring policies, see To create a monitoring policy .

From the PATROL Agent ACLs page, you can perform the actions identified in the following image: 

A different type of object

When you specify other types of objects in an authorization profile, you enable access. PATROL Agent ACLs are different in that they restrict access to PATROL Agents not specified in the ACL. 

1Action menu to create new PATROL Agent ACLs
2List of your PATROL Agent ACLs
3Action menu to edit, view, or delete your PATROL Agent ACLs

Related topics

Role-based access

Managing roles

Managing authorization profiles

Specifying objects

Performing actions on a PATROL Agent

To create a monitoring policy