Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating Advanced Policy-Based Routing Rules

    Use this page to configure rules for an advanced policy-based routing (APBR) profile (also known as an application profile). You can then associate the rules with one or more than one applications (example: for HTTP) or application groups.

    To create a rule:

    1. Select Configure > Application Routing Policies.

      The Application Routing Policies page appears.

    2. Click the policy name or rules.

      The Rules page appear.

    3. Click the add icon (+).
    4. Complete the configuration according to the guidelines provided in Table 1.
    5. Click Save.

      The rules you configured are associated with the selected policy.

    Table 1: Fields on the Rule Page

    Fields

    Description

    Source

    Click the add icon (+) to select a source zone from the list.

    You can select one or more zones for the application profile.

    Application

    Click the add icon (+) to select the application from the list.

    If the application matches any of the application or application groups of a rule in a profile, the application profile rule is considered as a match.

    You can select one or more applications.

    Routing Instance

    Click the + icon to select a routing instance from the list, that are configured on a device. The device sends the matched packet to the specified routing instance. The routing instances specify the routing table and the destination to which a packet is forwarded.

    When traffic arrives at the specified zone, it is matched by the advanced application profile. The application profile matches applications and application groups and if the matching rule is found, the packets are routed to the routing instance that sends the traffic to a different interface as specified in the next-hop IP address.

    Rule Name

    The rule name is automatically generated by Security Director. For example, Rule-incremental value.

    Note: An APBR policy designed in Security Director is equal to one or more policies on a device, based on the unique security zones and rule set.

    Modified: 2017-12-25