This is the third in Wendy Nather’s blog series on BeyondCorp - all about setting up the access proxy policies. In this blog, she lists the different types of access policies to consider:
- Warning - strongly recommending or requiring action at some point in the future.
- Blocking - the heaviest of the policies, preventing access entirely.
- Logging - taking note of a condition or event.
- Mitigating - loosening or reversing the effects of another policy based on certain risk scenarios.
- Responding - taking short-term actions to react to a particular situation.
Each section is described in more detail in the blog, supported by screenshots of Duo’s policies. Give it a read and let us know what you think.