Access Analyzer provides a comprehensive view of policy enforcement that enables faster troubleshooting and resolution of user access issues. Without clear visibility into which attributes triggered the block for the user to access an application, it can be challenging to determine if the block was appropriate or the result of an unintended security policy configuration. Access Analyzer addresses this issue by allowing you to gain insights into security policy attributes within a few seconds.

When you submit a user access issue query in Access Analyzer, you can view the exact user attributes that contributed to the policy enforcement, including specific user groups that triggered the policy rule match, the Host Information Profile (HIP) applied at the time, URL categories, and devices that were evaluated at the time of the block. You can also view a time line of events in traffic logs, that shows when a security policy rule matched and any policy rule changes that contributed to its enforcement.

The feature is valuable in common scenarios such as when a user is added to a dynamic user group that restricts access to corporate resources, when a device's posture changes due to security software being uninstalled, or when application identification issues occur. This visibility enables you to perform remediation steps effectively when blocks are legitimate, or to quickly correct policy configurations when blocks occur in error.