Terminology

Application — A resource or asset — such as an RDP, SSH, VNC, or web server — that an admin makes securely available to end users.

Category — A group of applications used to organize and display applications in the Applications Portal.

Access Group — A group of applications with shared access rules. Rules defined at the access group level are inherited by all applications associated with the group.

Rule — A combination of identities, a condition policy, and an action policy. Rules are defined on both applications and access groups, and are evaluated in order until access is explicitly allowed. If no rule grants access, it is blocked by default.

Identity — Represents who or what is requesting access. An identity can be an individual user, a user group, or an API key for machine-to-machine communication.

Condition Policy — A set of conditions that a user must meet in order to access an application.

Action Policy — A set of actions that can be applied to a user's session (e.g., session recording).

Applications Portal — A web portal where end users can view and access the applications available to them.

Cyolo Connect — an endpoint agent installed on end-user devices that enables secure access to company networks through the Cyolo platform. It performs device posture checks to verify endpoint compliance before and during sessions, and enforces access policies accordingly. It also allows authorized help desk staff to remotely view and control devices where the agent is installed, streamlining support without the need for additional remote access tools.