How can we help? 👋

Network Access Rules

An explaination about Network Access Rules

It gets checked if the information of a device, that is in the database, includes the MAC-Address and the VLAN. If this is not the case, the device is unknown for "PNAC". Additionally, there can be extra rules. For example, in order to be valid, the device must originate from the Vienna location. You can set such rules regarding every field if you want to. If everything is filled in correctly, the device is valid for the network. Otherwise, it is unknown. If you decide to activate the guest feature on the switch the unknown device gets connected to the guest VLAN.


Switches are grouped to Switchgroups (Network Device Groups). Each Group can have its own Network Access Rule set.

Notion image


Notion image

First, create a new Group for your switches.

Notion image

Then, Edit Group Rule. Here you can enter your rules depending on your needs.

Notion image

To keep it simple a Wizard has been added. It generates the rules for the most used configurations.

Notion image
  • Authorization with MAC: Recommended settings for standard Security models
  • Create one rule per site: Only required if you have more than one Site with different VLAN schemes.

For the beginning you can press Load and deploy. After that, the rule will be active immediately. Later, just press Load and verify the rules before applying.

If you need more details about the rule languages, see Network Access Rules in Detail.

Did this answer your question?