Quick Overview

SSID Groups in zAccess enable administrators to group multiple Wi-Fi SSIDs into a logical container. This allows policies and rulesets to evaluate which wireless network a device is connected to and apply conditional access based on SSID membership. It is especially useful in environments with both corporate and guest Wi-Fi networks or where wireless segmentation is enforced.

How to Use This Feature in the UI

1. In the zAccess interface, navigate to Policy Configuration > SSID Groups.
2. Click ADD GROUP.
3. Enter a Group Name (e.g., “Trusted Wi-Fi” or “Employee SSIDs”).
4. Add one or more SSIDs that endpoints may connect to (case-sensitive).
5. Click Save to finalize the SSID group.
6. Ensure the group is referenced in a Ruleset if you want to control access based on wireless connection.

Concepts & Use Cases

• Wireless Context Awareness: Distinguish policy enforcement based on the wireless network the user is connected to.
• Security Zoning: Allow different access levels for devices connected to secure corporate SSIDs versus public or guest networks.
• Mobility Enforcement: Prevent application access if a user roams to an unauthorized Wi-Fi network.
• Education & Hospitality Use Cases: Segment student, staff, or guest access dynamically based on SSID.

Troubleshooting & FAQs

• Why isn’t my device matching the SSID group?
  Verify the SSID name is entered exactly as it appears on the device and is not subject to casing errors or hidden SSID configurations.
• Can the same SSID be in multiple groups?
  Yes. SSIDs can appear in more than one group for flexible policy targeting.
• What happens if a device switches SSIDs during a session?
  zAccess re-evaluates session context periodically; if the SSID change triggers a different ruleset condition, the applied policy may change accordingly.
• Does zAccess detect hidden SSIDs?
  Yes, if the endpoint device reports the SSID as part of its connection telemetry, even hidden SSIDs can be evaluated.