Access Engine helps with simple segment-based L3 policy, such as intra-segment or inter-segment allow/deny rules, with optional external forwarding for SSE.

First, make sure micro-segmentation is enabled for the tenant or site. Once enabled, policy rules are received from cloud, and enforcement starts after the first rule is pushed to the dataplane.

Open Global Settings → Access Engine and review the defaults. The default internal behavior is ANY to ANY = Deny, and the default external behavior is ANY to INTERNET = Forward to upstream Firewall/Router.

Figure 1 below shows the default Access Engine rule view with one internal rule and one external rule already present.

Figure 1: Access Engine rules page showing the default internal deny policy and default external forward-to-firewall policy.

To create an internal L3 policy, go to Create Rule → Create Internal Rule. Start by selecting the source segment, then choose the destination segment, and finally set the action to Allow or Deny based on the required intra-segment or inter-segment behavior. Legacy Access Engine 1.0 rules are segment-based.

Figure 2 below shows the internal rule workflow starting with segment selection.

Figure 2: Internal rule creation flow where you begin by selecting the source segment.

If the customer needs SSE forwarding, go to Create Rule → Create External Rule. Select the source segment, set the destination to All Internet Bound Traffic, choose Forward as the action, optionally select the configured SASE provider, add rule name and description, and save.

Figure 3 below shows the external rule example for forwarding internet-bound traffic.

Figure 3: External rule creation flow for forwarding a segment’s internet-bound traffic to an SSE provider.

After saving, confirm the rule appears in the Access Engine table and use Rule Log to validate behavior during testing.

Setup Guide for Nile Cloud RADIUS

Setup Access Engine Policies

Settings

save

test

specific

var_miha

new_var_2

new_mih_var

mih_var

testheight

available

testulet

testvar

This is a plain text that will be inserted in an expandable heading for using this raw as an exampl

altscenario

This is a plain text that will be inserted in an expandable heading for using this raw as an example

scenario

exemplu

variabila

Archbee

text

refresh_token

YourBank

MyBank

Setup Guide for Nile Trust Service

Nile

Nile Access Service Docs

What's New at Nile

Exploring Nile Videos

What is the Nile Access Service?

Nile Access Service: Understanding Service Areas

Nile's layer 3 only network: Transcending VLANS

Integrating Routers with the Nile Access Service

Nile DHCP Integration

Passive Device Management and Handling (Wired)

Static IP management

Nile's Channel Planner - RF Optimization

mDNS Handling in Nile's Layer 3 Network

QoS within Nile Service Block

Multicast on the Nile Access Service

Nile Mesh

Core Concepts

Nile Network Elements

Datasheets

Hardware and Scaling

Zero Trust Campus

WIDS/WIPS

Palo Alto Prisma SSE Connectivity as a Service

Zscaler SSE Connectivity-as-a-Service

Zero Trust

Migration Process and Strategies

Migration Topologies

Migration

Nile Service Block

Traffic Enforcement with Nile Trust Engine

Trust Service Constructs Overview

Understanding Policy Groups

Default System Groups

Understanding Policies and Policy Sets

Policy Logging

Getting Started with Trust Service

Nile Trust Service Migration Guide

Nile Trust Service

Nile RADIUS

Nile Guest Services Options

URL Filtering

Restrict Service to specific geoscopes

Nile Guest Service

Nile Cloud DHCP

Nile Service Deployment Steps

Generic Upstream Firewall Guide

Integration of Nile Access Service with Palo Alto Prisma SASE Provider

Fortinet Fortigate FW

Palo Alto Networks NGFW

Palo Alto Networks - XML API

Nile Segments Mapping to FW Zones

Velocloud SD-WAN

Cato Sockets integration with Nile

Aruba Clearpass - RADIUS

Cisco Identity Service Engine (ISE) - RADIUS

Microsoft NPS

Secure W2 Cloud RADIUS Integration

Nile Cloud Radius Integration with Entra ID SCIM

Nile Cloud Radius Integration with Intune

Nile Integration with Google Workspace for SSO Setup

Microsoft Entra ID

Okta

Azure Active Directory

CrowdStrike Falcon NG SIEM

Generic HTTP Connector

Splunk SIEM

Sumo Logic

Nile SIEM Event Schema

LogicMonitor

Snowflake

Webhook Integration : Send alerts to ServiceNow

MAC Address Bypass (MAB) API

Infoblox NIOS

Nile SLAs

Setup Service Areas

Setup DHCP

Setup Authentication

Setup Guest Portal

Setup Segments

Setup 802.1x SSID

Setup a PSK SSID

Setup Nile Captive Portal SSID

Setup a PSK SSO SSID

Setup Own Hosted Captive Portal SSID

Wi‑Fi Security Operating Modes

Setup Wireless/SSID

Setup MAC Authentication

Configure Alerts

Nile Portal Setup

Application Alerts

Client Device Alerts

Configure Nile Portal Alert notification emails

Customer Infrastructure Alerts

Nile Infrastructure Alerts

Nile Security Alerts

Nile Service Alerts

Configure Email Notifications

Nile SMS Alerts

*New Nile Portal Alerts

View Devices and Device Details

Summary Dashboard Nile Portal Usage Metrics

Enhanced 911

Reports

Nile Data Retention

Nile Support Access

Allowed Domains

Setup Administrators

Transferring a root account

Custom hostname for Nile Elements

My Nile

Severity Based Notification Triggers

LED Status

Nile Device Inventory

Nile Network Topology

Access Point Details

How to find serial numbers on Nile Service Block network elements

Access Switch/NSW1000 LED indicators

What do the colors of the Nile Access Point (AP) LED mean?

Configured device with Wireless 802.1X_ not able to connect

Clients not getting IP address

Can we block a wireless client via the dashboard?

How to access "my.nilesecure.com"

How to check the Wireless Clients location and Roaming information?

How to check Wireless Client Signal strength

Wireless Client connection history logs.

Wireless Intrusion Detection and Prevention in the Nile Access Service

Wireless Performance issue Troubleshooting

Wireless printer is not able to get an IP address but works fine with Wired connection

Wireless Connections

What is AQI (Air Quality Index) and how is it calculated?


What is AQI (Air Quality Index) and how is it calculated? (cloned)