Groups contain policies and settings that you can manage as a single unit. With groups, you can simplify policy management for users.
Policies specified at the user level take precedence over those specified at the group level.
Surfing quota: Access based on a defined period and type. This policy can include a cycle type, hours, validity, and maximum hours.
Access time: Access or denial based on a defined recurring period.
Network traffic: Access based on bandwidth usage.
Traffic shaping: Access based on QoS traffic shaping policy. This policy can include a policy association, priority, and specific limits for uploading and downloading.
Remote access: Access to be applied to remote users through VPN. This relates to SSL VPN connections through the Sophos Connect client and the legacy SSL VPN client.
Clientless: Access to be granted to users using only a browser as a client. This policy can include bookmarks or resources that clientless users are allowed to access.
User policies take precedence over policies of the group to which the user belongs.
Quarantine digest: Sends a list of emails held in the quarantine area to the user's inbox as a digest.
MAC binding: Require users to log on through the specified devices.
L2TP: Allow access using L2TP. Optionally, specify an IP address to be leased to the user for L2TP access.
PPTP: Allow access using PPTP. Optionally, specify an IP address to be leased to the user for PPTP access.
Login restriction: Allow access from the specified nodes:
- Any node: The user can sign in from any node in the network.
- User group nodes: If a user belongs to a specific group, they inherit the login restrictions applied to that group.
- Selected nodes: The user can only sign in from specified IP addresses.
- Node range: The user can sign in from any IP address within the specified range of IP addresses.