Add Security Policies
Create a security policy and assign it to SRX Series Firewalls. A security policy can have both zone-based rules and global rules for the devices.
A security policy enforces rules for transit traffic, in terms of what traffic can pass through the security, and the actions that need to take place on traffic as it passes through the security. While creating security policies:
-
Define standard security policy constructs that reflect your organization's security intent, rather than creating device‑specific or site‑specific policies
-
Adopt naming conventions and standardized security policy structures to simplify ongoing lifecycle management and policy reviews.
Effective security policies are usually:
- Ordered—Rules are evaluated top‑down; the first match is applied.
- Least‑privilege based—Only required traffic is allowed; everything else is denied by default.
- Regularly reviewed—Updated as applications, users, and threats change.
Before you create a security policy, identify the devices to enforce the policy.
To create a security policy:
The new security policy is created and a confirmation message is displayed.