Assigning endpoint policies is rather simple. Each application has an Endpoint Policy Settings tab, which can be configured during the application-publishing wizard, or edited later. On this tab, you select which of the available Top-Level policies you want to assign to Access, Upload, Download, and Restricted Zone (for the application types that have them). This tab also has a link to the policy editor, though UAG comes with a comprehensive set of built-in policies. At any point, you can edit the existing policies, create new ones, and change the assignment for each application. The trunk also has a policy setting tab, which is a little different. For a trunk, you assign only an access policy, but for three "levels":
Session Access
Privileged Endpoint
Socket forwarding component installation
The Session Access is simple enough—users who do not meet the policy set there will be denied access as soon as the endpoint detection phase is complete upon launching the portal...