[Report an Error]

Monitoring Policies

Use the monitoring policies feature to view summary information such as names of the source and destination addresses of the policy, name of a preconfigured or custom application defined for the policy, or actions taken on packets matching the policies.

To access policies using the CLI, enter the following CLI commands:

To access policies using J-Web:

  1. Select Monitor>Security>Policiesin the J-Web interface. The page layout is as follows:
  2. Click one of the following in the list pane:

Table 8 summarizes key output fields in the security policies information display.

Table 8: Summary of Key Security Policies List Pane



Additional Information

Combo Options

From Zone

Name of the source zone.


To Zone

Name of the destination zone.



Filters the policy according to the selected From and To zones and displays only the related policies.


Total Policies

Number of policies listed in the policy list pane including the default policy.


Default policy

Actions the device takes on a packet that does not match any user-defined policy:

  • permit-all—Permit all traffic that does not match a policy.
  • deny-all—Displays the configured default-policy.

Policy List Pane

From Zone

Name of the source zone.


To Zone

Name of the destination zone.



Name of the policy.


Source Address

Names of the source addresses for a policy. Address sets are resolved to their individual names. (In this case, only the names are given, not their IP address).


Destination Address

Name of the destination address (or address set) as it was entered in the destination zone’s address book. A packet’s destination address must match this value for the policy to apply to it.



Name of a preconfigured or custom application whose type the packet matches, as specified at configuration time.



Permitting application services under a policy results in permitting the following possibilites:

  • gprs-gtp-profile— Specify GPRS Tunneling Protocol profile name
  • idp— Performs Intrusion detection and prevention
  • redirect-wx— Sets WX redirection
  • reverse-redirect-wx— Sets WX reverse redirection
  • uac-policy — Enables unified access control enforcement of policy


Enables count for a policy and records the of no. of packets hitting the particular policy. For example: the i/p and o/p packets and bytes.)



Indicates the log options for log session. The options are:

  • Session initialization
  • Session close
  • Both

[Report an Error]