Your organization's access policy defines the apps your users can access via Zero Trust Network Access and the rules by which those apps are both accessible and restricted. You can define an unlimited number of app policies in the Jamf Security Cloud by navigating to .
Each access policy is comprised of:
- General application metadata —
This includes helpful information like an app name, icon, and category.
- Application type —
There are two types of applications:
- Predefined apps —
An app that is hosted in the cloud by a service provider. Predefined apps are provided for the most common types of applications. For more information, see Adding a New Predefined Application.
- Custom apps —
An app that is typically hosted by your organization and usually is not available to the public internet. These include on-premise and private cloud applications. For more information, see Adding a New Custom Application.
- Predefined apps —
- Traffic matching data —Specific characteristics, including network hostnames, domains, IPv4 addresses, or subnets, that can be used to associate connection requests and subsequent traffic with this application or access policy.
- Device group permissions —Defines which device groups are allowed to access the application.
- Security restrictions —Defines who should have access to this application and under what conditions (for example, device risk level or management state).
- Routing control —Instructs Zero Trust Network Access how to route permitted (per policy) application traffic to its destination server. This can be an internet cloud gateway or a private interconnect gateway. Also sets the routing mode for traffic from applications on end-user devices.
After you've configured these applications via an access policy, you can view and analyze their usage in Jamf Security Cloud. For more information, see Zero Trust Network Access Reports.