User Access Configuration


In the realm of modern cybersecurity, balancing secure access with user convenience is paramount. In this high-level summary, we'll introduce the key steps involved in configuring user access within the AppGate SDP ecosystem, ensuring that your organization strikes the perfect balance between security and accessibility.

Configuration Steps at a Glance

  1. Validate Asset Information: The journey to robust user access configuration begins by validating asset information. Ensure that your organization's assets are accurately identified and classified. This step forms the foundation for precise access control.

  2. Create First Entitlement: Entitlements are at the core of AppGate SDP's access control. Begin by crafting your first entitlement, defining access to specific resources and under what conditions. This step ensures that users are granted access only to the resources they require.

  3. Create First Policy: Policies act as the guiding principles for access control. Create your initial policy to specify the rules and conditions under which users can access resources based on their entitlements. Policies provide the framework for a secure and adaptive access control system.

  4. Create Local Testing Account: This is a quick way to create authorized users for initial access by utilizing the local Identity provider built into AppGate SDP.

  5. Create Client Profile: This profile link is used with the Client software to access the Appliances by utilizing the local Identity provider built into AppGate SDP.

  6. Install AppGate SDP Client: The AppGate SDP Client is the user's entry point to secure access. Install the client on user devices to enable them to connect securely to the network and access authorized resources. This step ensures that users can securely access resources from anywhere.

  7. Test Access: Verification is key to ensuring that your user access configuration is working as intended. Test user access to resources to validate that the entitlements and policies are correctly applied. This step helps identify and resolve any access issues.

**It is important to remember that Access Control between the Gateway Appliance and the resources must be configured prior to any successful traffic flow.**

By mastering the art of user access configuration with AppGate SDP, you can establish a network environment that fortifies your cybersecurity defenses while providing seamless and secure access to the resources your users need.

Validate Asset Information

Review the minimum requirements to create the entitlement:

  • Destination IPs or Hostname

  • Protocol (TCP/UDP)

  • Destination Ports

  • Direction (Up/Down)

  • ICMP (Ping)

  • Action (Allow/Block/Alert)
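Before an entitlement is entered in the console, the collected asset details can be checked against the list above. The following is an added example, not AppGate code or part of the original guide; the row layout, the review thresholds and the sample rows are assumptions made for illustration.

```python
import ipaddress
import re
# Field names mirror the checklist above; the worksheet layout is hypothetical.
FIELDS = ("destination", "protocol", "ports", "direction", "icmp", "action")
ALLOWED = {"protocol": {"tcp", "udp"}, "direction": {"up", "down"},
           "action": {"allow", "block", "alert"}}
HOSTNAME = re.compile(  # needs a letter, so a mistyped IP is not taken for a name
    r"^(?=.*[a-z])(?!-)[a-z0-9-]{1,63}(?<!-)(\.(?!-)[a-z0-9-]{1,63}(?<!-))*$", re.I)
MAX_PORTS, MIN_PREFIX = 100, 24  # review thresholds picked for this example

def parse_ports(spec):
    """Expand '443' or '22,8000-8010' into a set of ints; ValueError if malformed."""
    ports = set()
    for part in str(spec).split(","):
        lo, _, hi = part.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range {part!r}")
        ports.update(range(lo, hi + 1))
    return ports

def review_row(row):
    """Return findings for one asset row; an empty list means it is ready to enter."""
    findings = [f"missing {f}" for f in FIELDS if row.get(f) in (None, "")]
    if findings:
        return findings
    for field, allowed in ALLOWED.items():
        if str(row[field]).lower() not in allowed:
            findings.append(f"{field} must be one of {sorted(allowed)}")
    try:
        if len(parse_ports(row["ports"])) > MAX_PORTS:
            findings.append("port range wider than review threshold")
    except ValueError as exc:
        findings.append(f"ports: {exc}")
    try:
        net = ipaddress.ip_network(str(row["destination"]), strict=False)
        allow = str(row["action"]).lower() == "allow"
        if allow and net.version == 4 and net.prefixlen < MIN_PREFIX:
            findings.append(f"allow rule covers {net.num_addresses} addresses")
    except ValueError:
        if not HOSTNAME.match(str(row["destination"])):
            findings.append("destination is neither an IP/CIDR nor a hostname")
    return findings

SAMPLE = [dict(zip(FIELDS, r)) for r in (  # constructed rows, not real assets
    ("10.20.30.40", "TCP", "443", "up", False, "Allow"),
    ("10.0.0.0/8", "tcp", "1-65535", "up", True, "allow"))]
if __name__ == "__main__":
    print([review_row(r) or "ok" for r in SAMPLE])
```

A row that returns findings is worth narrowing before it becomes an entitlement, since the entitlement defines exactly what the user can reach.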

Admin Guide Link: Using Entitlements

Adding a new Entitlement:

   Access > Entitlements > Add New

When editing the Actions field, the popup for this action resembles this:

Create the First Policy

Access > Policies > Add New > Access Policy

  • Name

  • Assignment (i.e., IdP, LDAP group, OS type, or any user or device attribute that can be detected by the AppGate System)

  • Entitlements by name or tag

Admin Guide Link: Using Policies

Create a Local Test User

Local users can be added to the local database to provide accounts for other administrators or for temporary users not listed in an external identity provider.

Identity > Local Users > Add New

  • Username

  • Password

  • First Name

  • Last Name

Admin Guide Link: Local Users (AppGate.com)

Create a Client Profile

Client profiles are the tool you use to seed Clients/devices with the information they need to establish a connection to your AppGate SDP Collective.

Identity > Client Profiles > Add New

  • Profile Name

  • Identity Provider (Select the Local IDP)

After saving the client profile, click the 3 dots on the right side and copy the profile to be used in the AppGate SDP Client Software.

Admin Guide Link: Client Profiles (AppGate.com)

Install the AppGate SDP Client

In this high-level summary, we'll outline the essential steps to install and configure the AppGate SDP Client. Once configured, the client streamlines the connection process, providing users with a convenient and straightforward method for accessing network resources.

Installation and Configuration Steps at a Glance

  1. Download Client Profile Webpage: Access the client profile webpage to download the necessary configuration files. These files are essential for setting up your client correctly.

  2. Installation (AppGate.com)

  3. Install Windows Full Client: Install the full AppGate SDP Client on your Windows device. This step is pivotal in enabling secure connections to the network.

  4. Connecting

  5. Execute SDP Client: Launch the AppGate SDP Client application on your Windows device. This action initiates the setup process and prepares the client for configuration.

  6. Add Your Profile: To tailor your client to your specific access needs, add your profile. This step allows you to connect securely to your organization's network while adhering to the defined security policies.

  7. Login to SDP: Complete the setup by logging in to the AppGate SDP Client using your credentials. Once logged in, you'll have secure access to the network resources authorized for your profile.

AppGate End User Guide - Link

Test Access

Verifying and testing connectivity is essential to ensure that your network access is secure and reliable. Below are some key steps involved in testing connectivity from within the AppGate SDP Client, ensuring that you can access network resources seamlessly and securely.

Testing Connectivity Steps at a Glance:

  1. Check Policies: Begin by checking the access policies associated with your AppGate SDP Client. These policies define what resources you should have access to and under what conditions. Ensure they align with your access requirements.

  2. Test Access from GW: Test your access to a protected resource from the Gateway (GW) to validate that a connection is working correctly. This step allows you to confirm that you can connect to the network resources you need. Under System/Appliances, click the 3 dots to the right side of the screen on a gateway. The drop-down menu will have multiple tests that can be executed for this testing.

  3. Check Client Status: Verify the status of your AppGate SDP Client to ensure it is active and connected to the network. This is indicated by a green circle around the user silhouette next to the username. A healthy client is essential for secure and reliable access.

  4. Check Client Entitlement: Confirm that your client entitlement is correctly configured. This entitlement defines your access permissions, ensuring you have access to the resources you need.

  5. Check Client IP: Check the assigned IP address for your client. This IP address is crucial for routing and accessing network resources securely. Verify that the IP is registered in the client, which is required for the Gateway to communicate with the client tunnel.

  6. Check Client TCP/IP Routes: Verify that the client's TCP/IP routes are set up correctly. Proper routing ensures that your client can communicate with the necessary network resources.

  7. Test TCP Connection: Finally, test the TCP (Transmission Control Protocol) connection to specific network resources. This step allows you to verify that you can establish connections to your desired resources.
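Steps 6 and 7 can be scripted so that expected access and expected denial are both checked against the policy. This is an added example, not part of the original guide or AppGate tooling; the interface name `sdp-tunnel`, the route table and the addresses are constructed, and the routes are passed in as data rather than read from the operating system.

```python
import ipaddress
import socket

TUNNEL_IF = "sdp-tunnel"  # hypothetical name; use the interface your client creates

def route_for(dest_ip, routes):
    """Longest-prefix match over (cidr, interface) pairs, as the OS route lookup does."""
    ip = ipaddress.ip_address(dest_ip)
    nets = [(ipaddress.ip_network(cidr), iface) for cidr, iface in routes]
    hits = [(net.prefixlen, iface) for net, iface in nets if ip in net]
    return max(hits)[1] if hits else None

def tcp_reachable(host, port, timeout=3.0):
    """True if a TCP handshake to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def diagnose(dest_ip, port, should_connect, routes, probe=tcp_reachable):
    """Compare what is observed with what the policy is meant to grant."""
    via_tunnel = route_for(dest_ip, routes) == TUNNEL_IF
    connected = probe(dest_ip, port)
    if connected and not via_tunnel:
        return "reachable without the tunnel: traffic is not going through the Gateway"
    if connected:
        return "ok" if should_connect else "over-permissive: entitlement is wider than intended"
    if not should_connect:
        return "ok"
    if not via_tunnel:
        return "no tunnel route: check client entitlements and routes (steps 4 and 6)"
    return "routed but no connection: check Gateway-to-resource access control"

# Constructed route table and test plan; copy yours from `route print` and the policy.
ROUTES = [("0.0.0.0/0", "eth0"), ("10.20.30.0/24", TUNNEL_IF)]
PLAN = [("10.20.30.40", 443, True),    # entitled web service
        ("10.20.30.40", 22, False),    # same host, port outside the entitlement
        ("10.20.40.10", 443, False)]   # host outside the entitlement

if __name__ == "__main__":
    for ip, port, expected in PLAN:
        print(ip, port, diagnose(ip, port, expected, ROUTES))
```

Include at least one destination that the policy should not grant, so the test shows that the entitlement is no wider than intended as well as that it works.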

Key Benefits

  • Security: Testing connectivity within the AppGate SDP Client environment ensures that security measures are in place, with access policies enforced as intended.

  • Reliability: By confirming connectivity, you can rely on the AppGate SDP Client to provide stable and secure access to your organization's network resources.

  • Efficiency: The testing process streamlines access validation, saving time and reducing the risk of connectivity issues.