Table of Contents
Advertisement
Copyright © 2010, Juniper Networks, Inc.
the scroll bar will move horizontally or vertically, if there are more rules or columns
available into which an object can be dropped.
From the main Address Tree and Service Tree, you can drag Address and Service objects
into and out of groups.
Drag and drop support is also available in configuration dialogs for the following:
Source and Destination columns of Zone-based and Global Firewall rulebases
Source, Destination, and Attacks columns of IDP rulebase
Source, Destination, and Application columns of APE rulebase
Source, Destination, and Attacks columns of Exempt rulebase
Source and Destination columns of Backdoor rulebase
Source and Destination columns of Network Honeypot rulebase
Source and Destination columns of Traffic Anamolies rulebase
Source and Destination columns of SYN Protector rulebase
Source and Destination columns of Permitted Object entries
NOTE: You cannot drag an object into a column that is not appropriate for
that object. For example, you cannot drop a service object into the "Install
On" column; you cannot drop a standalone IDP device into the "Install On"
column for a zone-based firewall rulebase. Dragging and dropping objects is
also not supported on any predefined IDP policy.
Deleting a Rule
To delete a rule, right-click inside the No. column (the first column) of the rule and select
Delete. You can also delete a rule group; however, deleting the rule group also deletes
all rules within the rule group.
Disabling a Rule
To disable a rule, right-click inside the No. column (the first column) of the rule and select
Disable. The rule remains in the rulebase, but a gray diagonal stripe indicates that it has
been disabled. While the rule is disabled, NSM does not install the rule on any devices.
To enable a rule, right-click inside the No. column (the first column) of the rule and select
Disable again to clear the checkbox. You can disable rule groups using the same method.
Using Rule Groups
To create a rule group, select the rules you want to include in the group, then right-click
and select create rule group. Enter a name and description for the rule group, then click
OK.
Combining rules into a rule group can help you better manage rules. For example, you
might want to create rule group for:
Chapter 9: Configuring Security Policies
517
Advertisement
Table of Contents
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers