Creating a New Security Policy (NSM Procedure)

You use the security policy wizard to create a new security policy. The security policies you create with the wizard must have a new name but can be based on existing policies or templates.

To create a new security policy:

  1. In the NSM navigation tree, select Policy Manager > Security Policies.
  2. Select File > New Policy to display the New Policy wizard.
  3. On the first page, complete the settings and then click Next. Table 1 describes page one fields.

    Table 1: New Policy Wizard: Page One

    | Setting  | Description |
    |----------|-------------|
    | Name     | A string to identify the policy. |
    | Comments | Text to further identify the policy. In the security policy list, you can sort on comments. |

  4. On the second page, complete the settings and then click Next. Table 2 describes page two settings.

    Table 2: New Policy Wizard: Page Two

    | Setting | Description |
    |---------|-------------|
    | Create new Policy for | Select this option to create a new security policy. If you select this option, the wizard displays the following set of device types: Firewall/VPN; Firewall/VPN with IDP; Standalone IDP. Select Standalone IDP. |
    | Use Existing Policy | Use this option to assign an existing policy to one or more IDP devices. If you select this option, the wizard displays a drop-down list of existing policies. Select a policy from the list. |

    Note: This procedure involves creating a new policy. For this procedure, do not select Use Existing Policy.

  5. On the next pages, complete pre-configuration options. Table 3 describes your choices. Click Next to advance through the pages.

    Table 3: New Policy Wizard: Pre-configuration Options

    | Setting | Description |
    |---------|-------------|
    | Use Predefined Policy Template | Select this option to create a new security policy based on a predefined template. If you select this option, the wizard displays a drop-down list of predefined templates. Select one and click Next. |
    | Configure IDP Policy | Select this option and complete the rule properties on the next page to generate a policy with the following features: IDP rulebase; multiple rules matching any source, any destination, and default services; multiple rules are distinguished by the attack object severity group, action, and notification option you configure in the next wizard page. |
    | Empty Policy | Select this option to create an empty policy that you can later modify. |

  6. On the next-to-last page, select the IDP devices for which you are designing this policy. Then click Next.
  7. Click Finish to save the policy.

The new policy appears in the security policy list. For more information, see the IDP Concepts & Examples guide.


Updated: 2009-05-28