Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add a Security Policy

A security policy enforces rules for transit traffic, in terms of what traffic can pass through the security, and the actions that need to take place on traffic as it passes through the security. The Add Security Policy page enables you to create a security policy and assign it to one or more devices.
Note:

A single policy can have both zone based rules and global rules for the devices.

To add a security policy:

  1. Click SRX > Security Policy > SRX Policy.
    The Security Policies page appears.
  2. Click +.
    The Add Security Policy page appears.
  3. Follow the guidelines in the below table to complete the configuration:
    Table 1: Fields on the Add Security Policy Page
    Field Description

    Name

    Enter a unique string of alphanumeric characters that can include spaces and some special characters.

    The maximum length is 255 characters.

    Description

    Enter a description for the policy; the maximum length is 255 characters.

    Rule placement analysis

    Enable the rule placement analysis for the newly created rules. The rule placement analysis helps you to avoid anomalies by suggesting the correct rule placement.

    Note:
    • You can enable the rule placement analysis when you create a security policy or edit an existing security policy.

    • Rule placement analysis suggestion is available only for newly created rules in a security policy.

    When you create a rule, Juniper Security Director Cloud performs the rule placement analysis. The Suggested Rule Placement page suggests appropriate rule position with a reason for the rule placement suggestion. Click Accept to accept the suggested rule placement. Click Reject to go back to rules page and modify the rule.

    All devices

    Select the toggle button to apply the security policy to all devices.

    Select Devices

    Select the devices or MNHA pair from the Available column and click > to move the devices to the Selected column.

    The Selected column displays the MNHA pair name and the devices in the pair. However, you can select only the devices in the pair or the MNHA pair name. If you select both and click >, an error message is displayed.

    Sequence No.

    Select this option to specify the policy sequence number. This number identifies the location of your policy in relation to the entire sequence.

    Change Sequence Number

    Click the link and use the Select Policy Sequence page to move and place the policy to your preferred sequence in the list. This helps you to organize your policy in the required sequence.

  4. Click OK.
    The new security policy is created and a confirmation message is displayed.