Gateway

Configuring Conditional Policies

When configuring policies, you can use any Boolean expression to express the condition for when the policy applies. When you configure conditional policies, you can use any of the available system expressions, such as the following:

  • Client security strings
  • Network information
  • HTTP headers and cookies
  • Time of day
  • Client certificate values

You can also create policies to apply only when the user device meets specific criteria, such as a session policy for SmartAccess.

Another example of configuring a conditional policy is varying the authentication policy for users. For example, you can require users who are connecting with the Citrix Gateway plug-in from outside the internal network, such as from their home computer or by using Micro VPN from a mobile device, to be authenticated by using LDAP and users who are connecting through a WAN to be authenticated using RADIUS.

Note: You cannot use policy conditions based on endpoint analysis results if the policy rule is configured as part of security settings in a session profile.

Configuring Conditional Policies