Purpose: Add or edit policies by specifying the users or user groups, gateways or gateway groups, scheduling, and the appropriate action to take when policy violations occur.
Location: Policies > Policies Rules > Add / Edit
- Specify a policy name between 1 and 32 characters, consisting of letters, numbers, or underlines.
- Specify the Description.
- Enable or disable the rule.
-
Configure Source users / User Groups / IP
Addresses / FQDNs / MAC Addresses.
See Policy Rules and IPv4/IPv6 Support.
-
Select Any for the policy to affect all users and groups and all addresses.
-
Select Selected users / user groups for the policy to affect only specific users or groups.
-
Select Selected IP Addresses/FQDNs for the policy to affect only specific IP addresses or specific FQDNs.
-
Select Selected MAC Addresses for the policy to affect only specific MAC addresses.
-
-
Configure Destination.
See Policy Rules and IPv4/IPv6 Support.
-
Select Any for the policy to affect all users and groups and all addresses.
- Select Selected IP Addresses/FQDNs for the policy to affect only specific IP addresses or specific FQDNs.
-
-
Configure Traffic Type.
-
Select Any or Selected applications / URL categories for the rule to include all application groups (default) or only specific applications.
Note: You must select Any if you want to specify Bypass as the action to take when policy violations occur. -
Select Any or Selected services for the rule to include all services (default) or only specific services.
-
-
Configure the Schedule.
Option Description Always
Includes all schedules. (Default)
Schedule name
Displays names of available schedule objects.
Add New Schedule Object
Access the Add/Edit schedule object creation dialog box.
-
Select the Action.
-
Allow
-
Block
-
Bypass
If the traffic matches the policy rule, allow the traffic while bypassing scanning.
Note: You are unable to select Bypass if you selected Selected applications / URL categories as the Traffic Type. -
- Click Save.