Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Creating Advanced Policy-Based Routing Rules

 

Use this page to configure rules for an advanced policy-based routing (APBR) profile (also known as an application profile). You can then associate the rules with one or more than one applications (example: for HTTP) or application groups.

To create a rule:

  1. Select Configure > Application Routing Policies.

    The Application Routing Policies page appears.

  2. Click the policy name or rules.

    The Rules page appear.

  3. Click the add icon (+).
  4. Complete the configuration according to the guidelines provided in Table 1.
  5. Click Save.

    The rules you configured are associated with the selected policy.

Table 1: Fields on the Rule Page

Fields

Description

Source

Click the add icon (+) to select a source zone from the list.

You can select one or more zones for the application profile.

Application

Click the add icon (+) to select the application from the list.

If the application matches any of the application or application groups of a rule in a profile, the application profile rule is considered as a match.

You can select one or more applications.

Routing Instance

Click the + icon to select a routing instance from the list, that are configured on a device. The device sends the matched packet to the specified routing instance. The routing instances specify the routing table and the destination to which a packet is forwarded.

When traffic arrives at the specified zone, it is matched by the advanced application profile. The application profile matches applications and application groups and if the matching rule is found, the packets are routed to the routing instance that sends the traffic to a different interface as specified in the next-hop IP address.

Rule Name

The rule name is automatically generated by Security Director. For example, Rule-incremental value.

Note

An APBR policy designed in Security Director is equal to one or more policies on a device, based on the unique security zones and rule set.