Risk Model itself is now deprecated, however you can still use the risk scores for access control.
Risk based access is a way to set up access controls based on a user risk score (provided as a claim) which in turn will decide if the Action(s) specified in the Entitlement are to be allowed. For example: access may only be allowed if the user risk score is medium or low. When the risk score is high then the Entitlement will be denied (block rule applies). If a user interaction has been configured in the risk matrix, this will provide a way for the user to unblock access by performing some sort of additional authentication.
Before you start
Pre-configure the following elements:
MFA Provider for multi-factor user interactions, refer to MFA Providers
Identity Provider for password user interactions, refer to Identity Providers
You will need a user risk claim, refer to User Claims and Device claims
If you plan to use the risk score claim provided by the Appgate ZTP Risk Engine then you will need to link your SDP instance to ZTP and obtain a feature license for the Risk Engine.
Background information:
The topic access control models explores the use of risk based access in more detail.
Learn more about how to use user interactions
Setting up MFA Providers or user interactions
Use the Risk Model form for:
Defining the risk matrix which can then be used for controlling when Entitlements will be allowed by the Gateway
Adding user interactions when the risk matrix shows USER ACTION, such as entering a valid multi-factor authentication.
Adding a message to provide feedback to the user when the risk matrix shows DENY.
For details on completing the form, refer to configuring the risk model