Configuring Lock-down Exception Rules

Lock-down exception rules section is enabled by selecting Always-on Pulse Client or VPN Only Access options.

In the New Configuration section, administrator can add Lock-down mode exception rules for Windows and for 9.0R2 release onwards for macOS. Administrator must configure these rules for which traffic need to be exempted when Lock-down mode has applied at user end.

Until 9.1R10, the core access rules using exemption were pre-defined and administrators were not allowed to configure. From 9.1R11 onwards, the PCS populates the list of core access rules depending on the platforms. Administrators are allowed to modify and reorder the list. Administrators can also configure the exception rules with allow/deny option.

To configure Lock-down exception rules, use the following steps. This feature is supported from PCS 8.3R3/PDC 5.3R3 onwards.

1.On the Pulse Connect Secure administrator console, select Users > Pulse Secure Client > Connections.

2.Click a Name and select New under Lock-down mode exception rules.

Connection Settings

3.Enter the rule Name and Description. Select the traffic type.

•Inbound traffic is always directed towards user’s machine (Example: RDP).

•Outbound traffic is always directed towards outside the machine (Example: Skype for Business Application).

•Select Allow or Deny actions to configure the exception rules.

New Lock down exception rule

4.Select the exception type from Resources. Fill in appropriate details. For more information, see “Configuring Lock-down Exception Rules”.

5.Click Save Changes.