no to allow 4 or 5 first go to the access groups manager. create a new access group named "Group 4 or 5"
in group member click the plus button and enter 4, click the plus button a second time and enter 5
now create the access rule as:
Allow if: click the lightning bolt and select the SecurityAssist_UserGroupID session variable
criteria: In Group
Compare to: Group 4 or 5