Amr_Esmat_24704
Sep 07, 2018Nimbostratus
should I add deny all policy at end of Advanced Resource Assignment
should I add deny at end of Advanced Resource Assignment to deny any access except the access specified in the access list, like below example I have entry that have specific access list then I added deny at end that will match on all entry because it doesn't have expression, by this the entry will only have access to IPs in access list any other IPs are denied or should I remove the deny rule as the default implicit is deny?, will the user have access to any without this explicit deny rule?
also if resource assign order doesn't matter, does this mean if the deny entry loaded first before the permit entry user will not be able to access any resources?