License edition: To understand the applicable license editions, see Plans & Pricing.
Overview
Geofencing policy empowers you to restrict access to inSync from outside your corporate network based on the user role. It helps you control, monitor, and protect your data from unauthorized access from outside the organization.
You can configure Geofencing policy by specifying your company's physical gateway IPs. Only user devices connected to your corporate network can access inSync.
You can restrict access for all inSync users with defined roles as listed in the table.
Type of inSync user | Restrict access to |
Administrators | Endpoints Console |
Users |
|
๐ Note
Geofencing policy configuration does not affect the backup activity. inSync will continue to backup the data from the devices irrespective of the devices that are connected to your corporate network or are outside the corporate network.
If an administrator initiates a restore for a device outside the corporate network, the device restore will be successful.
If a device restore is in progress, and the device moves outside the corporate network, the ongoing device restore will successfully complete, regardless the Geofencing policy is enabled.
While accessing inSync, if a user switches to a different network from the corporate network, inSync will continue to remain accessible for approximately 5 minutes, after which the session will expire, and the user will be logged out.
After implementing the Geofencing policy, if users try to log on to inSync from outside the corporate network, they are denied access to inSync based on the user type.
You can track unauthorized attempts made by inSync users to access inSync from outside the corporate network:
Audit trails are generated for every unauthorized activity of the inSync users and administrators. For more information, see View audit trail for users and View audit trail for administrators.
Alerts are generated for inSync users and administrators when they attempt unauthorized access three consecutive times. For more information, see Alert Messages.
You can also configure the Geofencing policy by leveraging Active Directory Federation Services (ADFS) settings to restrict activation of the inSync Client and inSync Web access to corporate devices only. For more information, see Configure Geofencing by using ADFS.
Configure Geofencing policy for your organization
To configure the Geofencing policy for your organization: