Using the New Policy Wizard (NSM Procedure)

You use the security policy wizard to create a security policy. The security policies you create with the wizard must have a new name but can be based on existing policies or templates.

To create a security policy:

  1. From the NSM main menu, select File > New Policy to display the New Policy wizard.
  2. On the first page, complete the settings described in Table 1 and then click Next.

    Table 1: New Policy Wizard: Page One

    | Setting | Description |
    |---|---|
    | Name | A string to identify the policy. |
    | Comments | Text to further identify the policy. In the security policy list, you can sort on comments. |

  3. On the second page, complete the settings described in Table 2 and then click Next.

    Table 2: New Policy Wizard: Page Two

    | Setting | Description |
    |---|---|
    | Create new Policy for | Select this option to create a security policy. If you select this option, the wizard displays the following set of device types: Firewall/VPN; Firewall/VPN with IDP; Standalone IDP. Select Standalone IDP. |
    | Use Existing Policy | Use this option to assign an existing policy to one or more IDP devices. If you select this option, the wizard displays a drop-down list of existing policies. Select a policy from the list. |

    Note: This procedure involves creating a new policy. For this procedure, do not select Use Existing Policy.

  4. On the next pages, complete the preconfiguration options described in Table 3. Click Next to advance through the pages.

    Table 3: New Policy Wizard: Preconfiguration Options

    | Setting | Description |
    |---|---|
    | Use Predefined Policy Template | Select this option to create a security policy based on a predefined template. If you select this option, the wizard displays a drop-down list of predefined templates. Select one and click Next. |
    | Configure IDP Policy | Select this option and complete the rule properties on the next page to generate a policy with the following features: IDP rulebase; multiple rules matching any source, any destination, and default services; multiple rules are distinguished by the attack object severity group, action, and notification option you configure in the next wizard page. |
    | Empty Policy | Select this option to create an empty policy that you can later modify. |

  5. On the next-to-last page, select the device targets for the policy and then click Next.
  6. Click Finish to save the policy.

The new policy appears in the security policy list.


Published: 2010-01-12