Barracuda Networks NG Network Access Client SP4 Administrator's Manual page 32

2.4.3 Identity Matching - Advanced
Fig. 2–11 Access Control Service Trustzone - Rules - Identity Matching Advanced
List 2–22 Access Control Service Trustzone - Rules - Identity Matching Advanced – section Advanced Identity Matching
Parameter Description
MAC Addresses Enter MAC addresses here. Patterns may be used.
Microsoft Enter Microsoft Machine SIDs here. A SID is a - from the Microsoft OS generated - world wide unique machine identifier. The SID is
Machine SIDs visualized in the Access Control Server's access cache. Patterns may be used.
List 2–23 Access Control Service Trustzone - Rules - Identity Matching Advanced – section Certificate Conditions
Parameter Description
x509 Subject Enter X.509 subject name patterns here (for example, CN=name-*, O=my-company). The X.509 subject of the clients authentication
certificate must match at least one of these patterns.
Note:
Certificate authentication is only possible in Local machine and basic user authentication.
x509 Issuer Enter X.509 issuer name patterns here (e.g CN=name-*, O=my-company). The subject of the issuer of the clients certificate must
match at least one of these patterns.
Note:
Certificate authentication is only possible in Local machine and basic user authentication.
x509 Enter X.509 alternative name patterns here (IP:10.0.10.*). The subject alternative name of the clients authentication certificate must
Altnames match at least one of these patterns.
Note:
Certificate authentication is only possible in Local machine and basic user authentication.
The subject alternative name is prepended by its type (for example, "email:" or "IP:")
30 Server Config – Access Control Service