Managing prerules and postrules
Copyright © 2010, Juniper Networks, Inc.
To manage post/pre rules, Central Manager administrators can:
Add prerules and postrules
Push prerules and postrules to Regional Server
Modify prerules and postrules
Delete prerules and postrules
Add prerules and postrules
This procedure assumes that a Central Manager administrator is logged onto a Central
Manager client.
To add a pre/post rule:
In the main navigation tree, select Policy Manager > Central Manager Policies.
1.
Select either Central Manager Pre Rules or Central Manager Post Rules.
2.
Click the Add icon in the toolbar and select Add Rule.
3.
Select a regional server object for the rule's Install On column, as necessary.
4.
Prerules and postrules can be added at the subdomain, global, or central manager
level. Prerules and postrules use the precedence of central manager, global and then
subdomain when applied to a policy.
Push prerules and postrules to Regional Server
This procedure assumes that a Central Manager administrator is logged onto a Central
Manager client, and a pre/post rule has been added.
To push a pre/post rule:
In the main navigation tree, select Policy Manager > Central Manager Policies.
1.
Select either Central Manager Pre Rules or Central Manager Post Rules.
2.
Select Tools > Update Regional Servers.
3.
Select the regional servers to which you want to push prerules and postrules.
4.
Central Manager Administrator monitors progress from the Job Manager.
Prerules and postrules and their referenced shared objects are replicated in the regional
servers managed by Central Manager. The status and time of the prerules and postrules
push is clearly marked when an administrator is logged onto a regional server.
Modify prerules and postrules
This procedure assumes that a Central Manager administrator is logged onto a Central
Manager client, and a pre/post rule has been pushed to a regional server.
To modify a pre/post rule:
Chapter 9: Configuring Security Policies
529