View Policy Version Details
You can view the details of the policy versions associated with a security policy.
-
Select SRX > Security Policies
> Security Policies.
The Security Policies page appears.
-
Select the check box next to the policy and then right-click the policy or
click More.
A list of actions appears.
-
Select Manage Policy Versions.
The Manage Version page appears.
-
Select the version that you want to view details and click View
Details.
Table 1 provides the fields on the Version Details page.
Table 1: Policy Version Detail Fields Field
Description
Version Details Policy Version Policy version showing the latest policy version at the top. Created By E-mail address of the user who created the policy. Created On The date and time when the policy was created. Policy Details Name Name of the security policy.
Rules Number of rules associated with the policy. Description Description for the security policy. Rules Seq
Order number for the policy.
Rule Name
Security policy rule name.
Sources
Source endpoint to which a security policy rule applies. A source endpoint consists of zones, addresses, and identities.
Destinations
Destination endpoint to which a security policy rule applies. A destination endpoint can be zones, addresses, and URL categories.
Applications/Services
Applications and services associated with the security policy.
Action
Action applies to all traffic that matches the specified criteria. - Permit—Device permits traffic using the type of security authentication applied to the policy.
- Deny—Device silently drops all packets for the session and does not send any active control messages such as TCP Resets or ICMP unreachable.
- Reject—Device sends a TCP reset if the protocol is TCP, and device sends an ICMP reset if the protocols are UDP, ICMP, or any other IP protocol. This option is useful when dealing with trusted resources so that applications do not waste time waiting for timeouts and instead get the active message.
-
Redirect—The redirect URL or a custom message to be shown when HTTP requests are blocked.
-
Tunnel—Device permits traffic using the type of VPN tunneling options you applied to the policy.
Security Services
Hover your cursor over the highlighted advanced security options to view the details: -
IPS—Displays the IPS profile information including IPS rules and exempt rules.
-
Content Security— Displays the content security profile information for protection against multiple threat types including spam and malware, and control access to unapproved websites and content.
-
Decrypt—Displays SSL proxy profile.
-
SecIntel—Displays SecIntel profiles such as C&C, DNS, and infected hosts.
-
Anti-malware—Displays the anti-malware profiles associated with the security policy version.
Options
Displays scheduling, logging, and rule option information applicable to the security policy rule.