Converting Standard Policy to Unified Policy
You can convert a traditional firewall policy to a unified policy. Unified policies are security policies that enable you to use the dynamic applications as match conditions as part of the existing 5-tuple or 6-tuple (5-tuple with user firewall) match conditions to detect application changes over time. If the traffic matches the security policy rule, one or more actions defined in the policy are applied to the traffic.
To convert a standard firewall policy to a unified policy:
- Select Configure>Firewall Policy>Standard Policies.
The Standard Policies page appears.
- Select a policy, right-click the policy or click More and select Convert to Unified Policy. The Policy Conversion page appears.
- Select an application signature value:
None—By default the value of the dynamic application signatures is set to None. In this case, the value of service is retained in all rules in the policy.
Any—The value of the service is set to junos-defaults. This enables the firewall policy to use default protocols and ports of dynamic applications.
- Click OK.
A job is created to convert the standard policy to an unified policy.
- Select Run now to run the job immediately or Schedule at a later time to run the job at a specified date
The Conversion page is displayed.
- Click the job ID to view the details of the job on the job management page.
Only standard policies without AppFW support can be converted to unified policy.