Geofencing policy empowers you to restrict access to Druva inSync from outside your corporate network based on the user role. It helps you control, monitor, and protect your data from unauthorized access from outside the organization.
You can configure Geofencing policy by specifying your company's physical gateway IPs in the policy. Only the user devices that are connected to your corporate network can access Druva inSync.
You can restrict access for all Druva inSync users with defined roles as listed in the table.
|Type of Druva inSync user||Restrict access to|
|Druva inSync administrators||inSync Management Console|
|Druva inSync users||
- Geofencing policy configuration does not affect the backup activity. Druva inSync will continue to backup the data from the devices irrespective of the devices that are connected to your corporate network or are outside the corporate network.
- If an administrator initiates a restore for a device outside the corporate network, device restore will be successful.
- If a device restore is in progress, and the device moves outside the corporate network, the ongoing device restore will successfully complete, regardless the Geofencing policy is enabled.
- While accessing Druva inSync, if a user switches to a different network from the corporate network, Druva inSync will continue to remain accessible for approximately 5 minutes, after which the session will expire and the user will be logged out.
After implementing the Geofencing policy, if users try to log on to Druva inSync from outside the corporate network, they are denied access to inSync based on the user type.
You can track unauthorized attempts made by Druva inSync users to access Druva inSync from outside the corporate network:
- Audit trails are generated for every unauthorized activity of the Druva inSync users and administrators. For more information, see View audit trail for users and View audit trail for administrators.
- Alerts are generated for Druva inSync users and administrators, when they attempt unauthorized access for three consecutive times. For more information, see Alert Messages.
You can also configure the Geofencing policy by leveraging Active Directory Federation Services (ADFS) settings to restrict activation of the inSync Client and inSync Web access to corporate devices only. For more information, see Configure Geofencing by using ADFS.
Configure Geofencing policy for your organization
To configure Geofencing policy for your organization