11.1 Location Concepts

You should understand the following concepts before using locations within a policy:

Defined Locations

You define the locations that are appropriate for your organization. When you define a location, you give it a name (for example, Work, Home, or Airport), supply the network environment parameters that identify the location, and configure the security settings to be applied in the location.

For example, you might define a Work location that is identified by specific Gateway servers or wireless access points within your office network. When the Security Client detects those specific network environment parameters, it applies the security settings associated with the Work location.

You can give each location unique security settings, denying access to certain kinds of networking and hardware in more hostile network environments and granting broader access within trusted environments.

The Unknown Location

All policies have an Unknown location that is automatically created with the policy. This is the location the Security Client switches users to when the its current network environment does not match a defined location. You can customize the settings for the Unknown location as needed. For example, you might make the settings more restrictive to provide higher security in the unknown location.

Shared Locations

After you define a location for a policy, the location becomes a shared component that can be used in other policies. For example, you might have one security policy for your corporate office users and another for mobile users. However, you can use the same Corporate Office location in both policies so that mobile users who frequent the corporate office receive the security settings for that location.

If you change the security settings for a shared location, it is changed in all policies. To help ensure that this is acceptable for all policies, you can easily view which policies use a location.