Effrum
Mar 29, 2016Nimbostratus
APM Apply Access Policy - affect existing sessions vs new sessions
This might be a silly question, but I'm having trouble finding a definite answer. When does applying changes to an access policy invalidate currently connected sessions vs only taking affect for new sessions? I feel like the vast majority or changes would only apply to new sessions, since an existing session will persist on the agreed upon rules/settings at the time it was negotiated. But what about something like adding a new domain to an existing multi-domain policy? Or adding a new branch to an existing policy to accommodate a new user group/application? What kinds of scenarios cause an APM session to become invalidated after a change?
Thanks for any input or clarification.