Modify Prerules And Postrules; Delete Prerules And Postrules; Polymorphic Objects; Customizing Polymorphic Objects - Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide

Polymorphic Objects

Customizing Polymorphic Objects

518
Prerules and postrules and their referenced shared objects are replicated in the regional
servers managed by Central Manager. The status and time of the prerules and postrules
push is clearly marked when an administrator is logged onto a regional server.

Modify prerules and postrules

This procedure assumes that a Central Manager administrator is logged onto a Central
Manager client, and a pre/post rule has been pushed to a regional server.
To modify a pre/post rule:
In the main navigation tree, select Policy Manager > Central Manager Policies.
1.
Select either Central Manager Pre Rules or Central Manager Post Rules.
2.
Right-click the rule you want to modify and select Copy, Paste, or Cut. If you select
3.
Paste, you have additional options to paste the rule before or after another rule.
A modified pre/post rule replaces the existing pre/post rule on the regional server.
Associated shared objects, if they are new, are replicated in the regional server.

Delete prerules and postrules

This procedure assumes that a Central Manager administrator is logged onto a Central
Manager client, and a pre/post rule has been pushed to a regional server.
To delete a pre/post rule:
In the main navigation tree, select Policy Manager > Central Manager Policies.
1.
Select either Central Manager Pre Rules or Central Manager Post Rules.
2.
Right-click the rule you want to modify and select Delete.
3.
Associated shared objects (if they are not polymorphic objects), in the regional server,
are also deleted from the regional server.
The Policy Manager uses shared objects (such as address, zone, and attack) when defining
various components of a policy rule. Polymorphic objects are objects that can be defined
at the Central Manager or regional server level. Polymorphic objects can be used as place
holders for values that will be defined in a different context (in a regional server domain
or subdomain, for instance).
Prerules and postrules are defined at the Central Manager level or regional server level
and can use shared objects that are defined by regional administrators. To provide regional
server administrators the capability of customizing Central Manager prerules and
postrules, shared objects defined in Central Manager are flexible and can be customized
by regional administrators, creating polymorphic objects.
Each polymorphic object contains a mapping table. Each entry of the mapping table has
an attribute of domain, device, and a concrete shared object reference of the same type.
Copyright © 2010, Juniper Networks, Inc.