SwiftZAccess ( Agentless-ZTNA ) > SwiftZAccess Configuration and Policy orchestration > Agentless Domain Access Management

Domain Access Management

Domain Access Management in SwiftZAccess enables administrators to enforce fine-grained, context-aware access control for onboarded applications. By combining identity with real-time device and environmental conditions, access decisions are dynamically evaluated using Device Posture Check (DPC) and policy rules.

This ensures that only trusted users on compliant devices under approved conditions can access protected domains.

Device Posture Check (DPC)

Navigation: Sidebar → Organization → ZTNA → Access Policy

What is DPC?

Device Posture Check (DPC) validates the security and context of a user’s device before granting access. It acts as a pre-access verification layer in the Zero Trust model.

DPC Validation Parameters

DPC evaluates multiple factors to determine whether access should be granted:

1. OS Compliance

  • Verifies operating system type and version

  • Ensures device meets organizational security standard

2. Browser Type

  • Restricts access to approved browsers

  • Prevents usage of unsupported or insecure browsers

  • Source IP

  • Validates the originating IP address

  • Allows or restricts access based on IP ranges

3. Location

  • Enforces geo-based access control

  • Restricts access from unauthorized regions

4. Date & Time

  • Controls access within defined time windows

  • Useful for shift-based or time-restricted access

5.Device Health Status

  • Ensures the device meets security posture requirements

  • Can include checks such as:

    1. Security configurations

    2. Compliance status

Access Policy Creation

Steps to Create an Access Policy

  1. Open Access Policy Page

    • Navigation: Sidebar > Organisation > ZTNA > Device Posture Check

    • Click on Add

  2. Enter Basic Details

    • Name: Provide a unique name for the access policy

  3. Configure DPC Rules
    Define conditions that must be met for access:

    • OS requirements

    • Device health criteria

    • Browser restrictions

  4. Define Access Conditions
    Set contextual rules for access:

    • Location: Allow or restrict based on geographic region

    • Source IP: Specify allowed or blocked IP addresses or ranges

    • Browser: Restrict access to specific browsers

    • Date Range :Define start and end dates for policy validity

    • Time Range :Specify allowed access hours

    • Days: Restrict access to specific days (e.g., weekdays only)

    • Save Policy:

      • Click Add to create the policy

      • The policy will appear in the policy table

Policy Evaluation Flow
When a user attempts to access a domain:

  1. User authentication is completed

  2. Device posture is evaluated via DPC

  3. Contextual parameters (IP, location, time) are checked

  4. Matching policies are applied

  5. Access is granted or denied based on evaluation

All checks are enforced before access is granted to the application

Best Practices

  • Combine multiple conditions for stronger security

  • Use IP and location restrictions to prevent unauthorized access

  • Apply time-based policies for operational control

  • Regularly review and update DPC rules

  • Test policies before enabling in production

Benefits

  • Enhanced security through context-aware access control

  • Reduced risk of unauthorized access

  • Improved compliance with organizational policies

  • Flexible and dynamic policy enforcement

Domain Access Management with Device Posture Check (DPC) enables organizations to implement robust Zero Trust access controls. By validating device health and contextual parameters in real time, SwiftZAccess ensures that only compliant users under approved conditions can access critical applications.