CHAPTER 9: Security Policy Examples
Name
Src
1
Deny_
ANY
HTTP
2
Allow_
ANY
HTTP
3
Allow_
ANY
MAIL
4
Deny_
ANY
Private
5
Deny_
ANY
Public
2
Create a schedule with these parameters:
NAME
DESCRIPTION
ENABLE SCHEDULER
TYPE
DAYS/HOURS
Example 3: Allowing unlimited access for
authorized users
Chambers Enterprises, like the company in the previous
example, wants to block Internet access during working
hours. However, it wants to make exceptions for certain
authorized users.
To achieve this, you would make use of the user-authenti-
cation firewall feature and replace the "Deny_HTTP" pol-
icy with a scheduled "Allow_User" policy. When this
revised policy is in effect (during office hours), only autho-
214
Dest
Service
ANY
HTTP
ANY
HTTP
ANY
POP3
ANY
ANY
ANY
ANY
9 to 5, Monday - Friday
Schedule for 9:00am - 5:00pm, Monday - Friday
Checked
Weekly
Monday - Friday, From 9:00 To 17:00
In
Firewall
NAT/LB
0
Block
DNAT
0
Pass
DNAT
0
Pass
DNAT
0
Block
1
Block
Schd
9to5
M-F
Vcontroller