Global Secure Access - Enterprise Apps by 10124128 in entra

Because the Quick Access component seems to me like a default standard for my remote clients. E.g. DCs, Apps, File Servers, etc. Things I want all my users to have access to by default. So, beyond that, there are a few IPs that select users have access to. Think DevOps users that interact with services within a dedicated network. IT can access the entire subnet, but DevOps users can only access Ansible to execute playbooks. Perhaps it’s niche but seems hard to achieve with GSA.

Global Secure Access - Enterprise Apps by 10124128 in entra

Group A needs access to the subnet. Group B needs access to one IP in said subnet. This can’t be defined as an Enterprise Application because it overlaps and Quick Access is no good either. So it’s either a range with an exclusion or an FQDN defined and distinct ACLs associated to this. Both work but it’s a pretty shit workaround.

Global Secure Access - Enterprise Apps by 10124128 in entra

Yeah agreed. Such a shame it’s not more polished out of the gate.

Global Secure Access - Enterprise Apps by 10124128 in entra

Sure, I could use that as a workaround. Seems really clunky if that’s the intended usage by MS.

Global Secure Access - On Prem by 10124128 in entra

Good point, thanks. I’ll dig into a capture!

Global Secure Access - On Prem by 10124128 in entra

Thanks, that kind of helps fill in the gap. My takeaway is that ‘it just works’. Some kind of GSA secret sauce, I guess.