Configure Global Options

You can configure the global options by setting the default security settings and default security subscriptions. The global options are tenant-level configurations and are applicable for all the devices under the tenant.

Default Security Settings—The security policy takes some time to detect the L7 application in a traffic and act upon it. The default profiles help in providing security during that time. Configure the default security settings.
Default Security Subscriptions—You can set the default profiles to apply to a firewall rule. You can customize these settings at rule level. The default profiles are applied to a security policy rule, only if the profiles are enabled for that rule.

To configure the global options for a security policy:

Select SRX > Security Policies > Security Policies.
The Security Policy page appears.
Click Global options.
The Global Options page appears displaying a list of default settings.

Complete the configuration according to the guidelines provided in Table 1.

Table 1: Fields on the Global Options Page
Field	Description
Default security settings
IPS profile	An IPS profile that will be set as default IPS policy.
Content Security profile	A content security profile that will be set as default-configuration for content security.
Decrypt profile	A decrypt profile that will be set as a default decrypt profile.
Anti-malware profile	An anti-malware profile that will be set as a default anti-malware profile.
Secintel Profile Group	A selected secintel profile group that will be set as a default Secintel profile group.
Default Security Subscriptions
IPS profile	Select an IPS profile to assign to policy rules. The selected IPS profile is applied as a default IPS profile when you enable the IPS toggle button is at rule level. See Add a Security Policy Rule. Note: You can customize an IPS profile at the rule level. The rule-level IPS profile takes precedence over the default IPS profile that you select using the global option.
Content Security profile	Select a content security profile to assign to policy rules. The selected content security profile is applied as a default content security profile when you enable the Content Security toggle button is at rule level. See Add a Security Policy Rule. Note: You can customize an content security profile at the rule level. The rule-level content security profile takes precedence over the default content security profile that you select using the global option.
Decrypt profile	Select the decrypt profile to assign to policy rules. The selected decrypt profile is applied as a default decrypt profile when you enable the Decrypt profile toggle button at rule level. See Add a Security Policy Rule. Note: You can customize the decrypt profile at the rule level. The rule-level decrypt profile takes precedence over the default decrypt profile that you select using the global option.
Anti-malware profile	Select an anti-malware profile to assign to policy rules. The selected anti-malware profile is applied as a default anti-malware profile when you enable the Anti-malware profile toggle button at rule level. See Add a Security Policy Rule Note: You can customize an anti-malware profile at the rule level. The rule-level anti-malware profile takes precedence over the default anti-malware profile that you select using the global option.
Secintel Profile Group	Select a Secintel profile group to assign to policy rules. The selected Secintel profile group is applied as a default Secintel profile group when you enable the Secintel Profile Group toggle button at rule level. See Add a Security Policy Rule Note: You can customize a Secintel profile group at the rule level. The rule-level Secintel profile group takes precedence over the default Secintel profile group that you select using the global option.

Click OK.
A confirmation message is displayed.