Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating a New Security Policy (NSM Procedure)

    You use the security policy wizard to create a new security policy. The security policies you create with the wizard must have a new name but can be based on existing policies or templates.

    To create a new security policy:

    1. In the NSM navigation tree, select Policy Manager > Security Policies.
    2. Select File > New Policy to display the New Policy wizard.
    3. On the first page, complete the settings and then click Next. Table 1 describes page one fields.

      Table 1: New Policy Wizard: Page One

      Setting

      Description

      Name

      A string to identify the policy.

      Comments

      Text to further identify the policy. In the security policy list, you can sort on comments.

    4. On the second page, complete the settings and then click Next. Table 2 describes page two settings.

      Table 2: New Policy Wizard: Page Two

      Setting

      Description

      Create new Policy for

      Select this option to create a new security policy.

      If you select this option, the wizard displays the following set of device types:

      • Firewall/VPN
      • Firewall/VPN with IDP
      • Standalone IDP

      Select Standalone IDP.

      Use Existing Policy

      Use this option to assign an existing policy to one or more IDP devices.

      If you select this option, the wizard displays a drop-down list of existing policies.

      Select a policy from the list.

      Note: This procedure involves creating a new policy. For this procedure, do not select Use Existing Policy.

    5. On the next pages, complete pre-configuration options. Table 3 describes your choices. Click Next to advance through the pages.

      Table 3: New Policy Wizard: Pre-configuration Options

      Setting

      Description

      Use Predefined Policy Template

      Select this option to create a new security policy based on a predefined template.

      If you select this option, the wizard displays a drop-down list of predefined templates.

      Select one and click Next.

      Configure IDP Policy

      Select this option and complete the rule properties on the next page to generate a policy with the following features:

      • IDP rulebase
      • Multiple rules matching any source, any destination, and default services
      • Multiple rules are distinguished by the attack object severity group, action, and notification option you configure in the next wizard page.

      Empty Policy

      Select this option to create an empty policy that you can later modify.

    6. On the next to last page, select IDP devices for which you are designing this policy. Then click Next.
    7. Click Finish to save the policy.

    The new policy appears in the security policy list. After you have created a security policy, you can add rules to the new policy. Rules include IPv6, VPN, and also VPN link. For more information, see the IDP Concepts & Examples guide

    Published: 2013-01-03