Configuring Objects for Rules
Copyright © 2010, Juniper Networks, Inc.
• Pre-Existing Policies—When creating a new policy, you can use an existing policy as a
  template. NSM comes with a collection of predefined IDP policies that you can use, or
  you can use a policy that was created earlier by your organization.
• Rulebases—When you initially create a security policy, only the Firewall rulebase and
  possibly the IDP rulebase appear by default. To create a rule in other rulebases, you
  must manually add those rulebases to the policy.
The following sections detail these options.
Objects are reusable logical entities that represent specific settings, configurations, or
external pieces of hardware. You can reuse objects in multiple areas in the NSM GUI.
Within rules, you use objects to define the source, destination, and service, as well as to
specify settings for rule options, such as Web Filtering or attack protection.
For some object types, such as services and IDP attack objects, NSM contains a database
of predefined objects. If the predefined objects do not meet your networking requirements,
you can create custom objects and add them to the object database. For other object
types, such as address objects, DI profiles, and Global MIPS, no predefined objects exist;
before you can use one of these objects in a rule, you must create the object in Object
Manager.
Applying the Same Object to Multiple Rules
You can apply the same object (column value) to a selection of policy rules. Rule groups
must be in an expanded state to apply the same object to the rules of a rule group.
Columns that disallow duplicate values, such as the rule ID and No. columns, cannot be
used to apply the same object to a selection of rules.
NOTE: You cannot apply the same object to a selection of rules for Predefined
policies, VPN rules, or Central rules on a Regional Server regular policy.
To apply the same object to a selection of policy rules:
1. Select all the rules to which the column value will be applied:
   • To select all the rules in a rulebase, click on any rule in the rulebase and press
     Ctrl + a.
   • To select a contiguous range of rules in a rulebase, press Shift + Ctrl and select
     the rules.
   • To select a noncontiguous range of rules in a rulebase, press Ctrl and select the
     rules.
2. Right-click on the column value of the rule that you want to apply to the selected
   rules and select Apply value to selected rules from the menu.
The selected column value is applied to all selected rules.
Chapter 9: Configuring Security Policies