How Can We Help?
-
zWAN
-
-
-
-
-
-
- Articles coming soon
-
-
-
- Articles coming soon
-
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
-
-
-
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
-
-
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
-
-
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
-
- Articles coming soon
-
- IPsec Tunnel not Establishing
- SSL-VPN Tunnel not Establishing
- Mobile Network Issues
- Management Tunnel does not Establish
- DNS not Resolving from Local Network Appliance
- DNS Resolution Issues in Tunnel Configuration
- DHCP Server not Leasing IP to LAN PC
- Debugging EC Events - Unknown Status Issue
- Trusted-MAC Geofencing Issues
- DNS Issues from DC LAN PC
- Troubleshooting LAN Connectivity to Internet via WAN, Remote Branch LAN, or Local Branch LAN
- NetBalancer gateways displaying Faulty/Inactive
- Packet Drop Issues
-
-
zTC
-
- Articles coming soon
-
StorTrends
-
zAccess
-
- Articles coming soon
-
- Articles coming soon
-
zGuardian
You are here:
Print
MAC Groups
0 out Of 5 Stars
5 Stars | 0% | |
4 Stars | 0% | |
3 Stars | 0% | |
2 Stars | 0% | |
1 Stars | 0% |
Quick Overview
MAC Groups in zAccess allow administrators to group endpoint devices based on their MAC addresses. This facilitates identity-based access control where policies and rulesets can be applied to devices regardless of their current IP address, location, or network. MAC Groups are essential for managing known, trusted devices within a zero-trust framework.
How to Use This Feature in the UI
- Go to Policy Configuration > MAC Groups.
- Click ADD GROUP.
- Enter a Group Name that reflects the purpose or user set (e.g., “Corporate Laptops” or “Contractor Devices”).
- Input one or more valid MAC addresses in the required format (e.g.,
00:1A:2B:3C:4D:5E
). - Click Save to create the group.
Concepts & Use Cases
- Device-Based Access Control: Identify and enforce policies for specific hardware endpoints regardless of network or user login.
- BYOD & Guest Segmentation: Isolate personal or unmanaged devices by assigning them to a MAC group with limited permissions.
- Zero Trust Enforcement: Require that only devices in approved MAC groups can access sensitive applications.
- Compliance Assurance: Ensure that only registered, compliant machines connect to critical resources.
Troubleshooting & FAQs
- Why isn’t a device being matched to its MAC group?
Ensure the MAC address is entered correctly and belongs to the interface used for zAccess login. Avoid duplicate or invalid entries. - Can a device belong to more than one MAC group?
Yes. Devices can exist in multiple groups and are evaluated in the order defined by ruleset priorities. - Is MAC spoofing a concern?
MAC addresses can be spoofed, so MAC Groups should be used in conjunction with other posture or identity checks for high-security environments. - How can I audit MAC group usage?
Use the Endpoint Sessions page or Event Logs to view devices’ matched groups during login.
Was this article helpful?
0 out Of 5 Stars
5 Stars | 0% | |
4 Stars | 0% | |
3 Stars | 0% | |
2 Stars | 0% | |
1 Stars | 0% |
5
Table of Contents