Many companies allow their employees to work from their own devices and PCs, or BYOD devices ("Bring Your Own Device"). In UserGate, network administrators can manage BYOD devices, e.g. through limiting Internet access from devices by device type, number of simultaneous devices per users or by specific model.
Important! BYOD management requires properly configured authentication of users via the Captive portal. Note that BYOD policies cannot be applied to user devices that are not authorized via the Captive portal. For more details on the Captive portal, please refer to Configuring a Captive portal.
To set up BYOD management, perform the following steps:
|
Name |
Description |
|---|---|
|
Step 1. Create a new rule for the Captive portal |
For more details on how to create rules of the Captive portal, please refer to Configuring a Captive portal . |
|
Step 2. Create a new BYOD policy |
Create one or more BYOD policy rules |
Important! Rules are applied from top to bottom in the same order as they are displayed in the console. The system always applies only the first rule for which all criteria are met. This means that the most specific rules must be in the upper part of the list, while the broader rules must be in the bottom. If you want to change the order of rules, use the Up/Down buttons.
Important! If no rules have been created, then all device types will be allowed.
To create a new rule for the BYOD policy, click Add in the BYOD policies section and then specify the following parameters:
|
Name |
Description |
|---|---|
|
Name |
Name of the BYOD policy rule |
|
Comment |
Description of the BYOD policy rule |
|
Action |
Allow - use this option to allow connections from devices that meet the rule's criteria Deny - use this option to prohibit connections from devices that meet the rule's criteria |
|
Administrator's approval required |
Applicable to "allow" rules only. When this option is enabled, each user device successfully authorized for the first time via the Captive portal will be added to the list of BYOD devices, but the Internet access will not be available until your network administrator confirms the device. |
|
Maximum total devices |
Applicable to "allow" rules only. Maximum number of devices per user for Internet access. This parameter is not applicable to rules containing Known, Unknown or Any users. |
|
Maximum active devices |
Applicable to "allow" rules only. Maximum number of simultaneous devices per user for Internet access. This parameter is not applicable to rules containing Known, Unknown or Any users. |
|
Users/Groups |
List of users and groups of users to which this BYOD policy rule is applied. |
|
Device type |
Device type to which this BYOD policy rule is applied. |
Devices from which users connect to your network are listed in Users and devices-->BYOD devices. Network administrators can prohibit or allow access from certain user device by selecting this device in the list and clicking Disable or Enable respectively. From here, you can also confirm access from a certain user device if the BYOD policy requires approval of your network administrator.