Adding/Editing Policy Rules

Purpose: Add or edit policies by specifying the users or user groups, gateways or gateway groups, scheduling, and the appropriate action to take when policy violations occur.

Location: Policies > Policies Rules > Add / Edit

  1. Specify a policy name between 1 and 32 characters, consisting of letters, numbers, or underlines.
  2. Specify the Description.
  3. Enable or disable the rule.
  4. Configure Source users / User Groups / IP Addresses / FQDNs / MAC Addresses. See Policy Rules and IPv4/IPv6 Support.
    • Select Any for the policy to affect all users and groups and all addresses.

    • Select Selected users / user groups for the policy to affect only specific users or groups.

    • Select Selected IP Addresses/FQDNs for the policy to affect only specific IP addresses or specific FQDNs.

    • Select Selected MAC Addresses for the policy to affect only specific MAC addresses.

  5. Configure Destination. See Policy Rules and IPv4/IPv6 Support.
    • Select Any for the policy to affect all users and groups and all addresses.

    • Select Selected IP Addresses/FQDNs for the policy to affect only specific IP addresses or specific FQDNs.
  6. Configure Traffic Type.
    • Select Any or Selected applications / URL categories for the rule to include all application groups (default) or only specific applications.

      Note: You must select Any if you want to specify Bypass as the action to take when policy violations occur.
    • Select Any or Selected services for the rule to include all services (default) or only specific services.

  7. Configure the Schedule.
    Option Description

    Always

    Includes all schedules. (Default)

    Schedule name

    Displays names of available schedule objects.

    Add New Schedule Object

    Access the Add/Edit schedule object creation dialog box.

  8. Select the Action.
    • Allow

    • Block

    • Bypass

      If the traffic matches the policy rule, allow the traffic while bypassing scanning.

    Note: You are unable to select Bypass if you selected Selected applications / URL categories as the Traffic Type.
  9. Click Save.