There is no limit to the number of groups in a given policy
"From" Groups will have access to "To" Groups within the policy
"To" Groups will not have access to "From" Groups within the policy
Groups can be in one or multiple policies simultaneously
Policies are directional, so that you can control the direction in which connections may be initiated. Typically for remote access use-cases your policy would be from the "user group" to the "server group" so that users may start connections to the servers, but servers cannot start connections to users. You can create bi-directional permissions by using two policies.
Examples of Policies
Group 1 contains three endpoints - A, B, and C
Group 2 contains three endpoints - D, E, and F
Group 1 endpoints can access Group 2 endpoints
Group 2 endpoints cannot access Group 1 endpoints
These groups are connected by a policy - Policy X
Group 3 contains two endpoints - D and F
Group 4 contains a single endpoint - A
Group 3 endpoints can access Group 4 endpoints
Group 4 endpoints cannot access Group 3 endpoints
These groups are connected by a policy - Policy Y
Notice that endpoint A is associated with multiple groups and multiple policies
Can't find what you are looking for?
Having trouble finding a video or instructions for a specific task?