You can limit login to the Portal by IP address or other criteria, similar to what can be done per application. For example, you could limit access such that only your company's private IP addresses are allowed to login. For more information see Portal Multifactor Authentication Policy  . You can set IP restrictions in Access policy . A login attempt by a user who is denied by policy results in the message "Access Denied. Contact your administrator" on the login page, and the login is not allowed. 

Alternatively, you can allow a Portal login but limit which applications are displayed in the Portal. Refer to Application Availability and Visibility. If there are no applications that are displayed in the Portal, or if a user is denied access to all applications, then a login to the Portal is allowed, but no applications are shown. Instead the message "You are not permitted to access any applications. Contact your administrator." is displayed. 

To block access to the portal login page entirely would need to be done on your company's network outside of SecurID Access using a URL filtering device such as a Web Application Firewall. Bear in mind that redirect URLs used during single sign-on (SSO) include the Portal domain name, so access to the Portal domain name cannot be blocked entirely - certain URL patterns will need to be allowed. 
 

• Provides online help
• Allows Portal password changes (The Change Password menu option is under the user ID when the user is signed in).
• Allows some application passwords to be changed (The Applications Settings menu option is available when the user is signed in).
• Optionally, the Portal can provide Administrator Contact information, such as for your company's IT help desk.