Access Control Lists: Portal ACLs
Use the Security > Access Control Lists > Portal ACLsoptions to further restrict access to various portals within Ivanti EPMM.
This section includes the following topics:
Enabling an ACL Portal
Procedure
- Log into System Manager.
- Go to Security > Access Control Lists > Portal ACLs.
-
Select the portal you want to enable.
Refer to Portal ACLs window for details.
-
Enter the IP address or network/mask pair to specify servers or networks that may access this component. Separate the entries with spaces.
Examples:
- 100.0.0.0 150.0.0.0
- 101.0.0.0 10.0.0.0/255.255.255.0
You must use the expanded form of the mask. Do not specify an entry similar to 10.0.0.0/24.
If your Ivanti EPMM is behind a NAT, enter the IP of the NAT network.
Remember that the Sentry must be able to access Ivanti EPMM. If it does not have access, then the ActiveSync Devices page will not display devices.
- Click Apply > OK.
Portal ACLs window
The following table summarizes fields and descriptions in the Portal ACLs window:
Fields |
Description |
User Portal |
Enables device users to register their devices, view device information, and manage their devices. |
The Admin Portal. |
|
The System Manager. |
|
The Sentry installed for ActiveSync access control. |
|
The Web Services API. |
|
The iOS MDM service for profile management. |
|
The iReg service that enables provisioning iOS devices without installing the MI Go app. |
|
OAuth API |
Enables or disables the OAuth API. You can control access to the OAuth API by defining IP addresses, ranges of IP addresses and subnets based on the values they enter into the field. Addresses can be internal (non-routable) or external (routable). With this control, you can limit access to OAuth API from routable IP addresses or restrict access to specific machines for security reasons. |
The app management service for iOS. |