Alcatel-Lucent Security Management Server (SMS) Release 9.4 Technical Overview page 14

Alcatel-Lucent VPN Firewall Brick
• Renumber a rule by moving it up or down within a ruleset to change the
order/priority in which a rule is applied to an incoming/outgoing packet
• Delete a user-defined rule
• Copy and rename a Brick zone ruleset
• Move a zone ruleset to a different zone ruleset folder in a different group
• Delete a zone ruleset
Traffic matcher tool
The SMS allows you to test a Brick zone ruleset by entering a specification for
simulated traffic, and performing a search for which rules in that ruleset would be
triggered by the traffic pattern entered. The rules are matched and displayed, based on
the general traffic characteristics entered, not on the specific action that would be taken
on the traffic or traffic originating from a certain NAT address. The tool allows you to
display all rules that match the "virtual traffic" details entered, or all rules in the
ruleset with those that match the "virtual traffic" details highlighted in the display.
Rule statistics report
A Rule Statistics report is available which provides hit counts by rule for a Brick zone
ruleset, or hit counts by zone ruleset for a selected group or one or more Bricks,
during a specified time period.
Related information
For complete details about creation of security rules and Brick zone rulesets, refer to
the SMS Policy Guide.
...................................................................................................................................................................................................................................
1-8
™
Security Appliance Brick Policy Rules and Zone Rulesets
260-100-022R9.4
Issue 1, June 2009