Create empty sub-policies

Before you can edit a sub-policy, you must create an empty sub-policy.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Right-click the Policies branch and select one of the following options:
    • New > Firewall Sub-Policy.
    • New > IPS Sub-Policy.
    • New > Layer 2 Firewall Sub-Policy.
    • New > Layer 2 Interface Sub-Policy
  3. Enter a unique Name for the element.
  4. (Optional) Click the Permissions tab and adjust the Access Control Lists at the top part of the dialog box to include the Sub-Policy on one or more custom Access Control Lists.
  5. Click OK.
    The new Sub-Policy opens in the Policy Editing view.

Firewall Sub-Policy Properties dialog box

Use this dialog box to define the properties of a Firewall Sub-Policy or an IPv6 Firewall Sub-Policy.

Option Definition
General tab
Name Specifies the element name.
Category Shows the assigned category.
Select Opens the Category Selection dialog box.
Comment An optional comment for your own reference.
Permissions tab
Access Control Lists Specifies administrator permissions for the policy.
Add Opens the Select Element dialog box.
Remove Removes the policy from the selected Access Control List.
Permissions
Administrator Shows the administrator who is allowed to view or edit the policy.
Administrator Role Shows the role or roles assigned to the selected administrator.
Add Permission Adds an entry to the Administrator list.
Remove Permission Removes the selected entry from the Administrator list.

IPS Sub-Policy Properties dialog box

Use this dialog box to define the properties of an IPS Sub-Policy element.

Option Definition
General tab
Name Specifies the element name.
Category Shows the assigned category.
Select Opens the Category Selection dialog box.
Comment An optional comment for your reference.
Option Definition
Permissions tab
Access Control Lists Specifies administrator permissions for the policy.
Add Opens the Select Element dialog box.
Remove Removes the policy from the selected Access Control List.
Permissions
Administrator Shows the administrator who is allowed to view or edit the policy.
Administrator Role Shows the role or roles assigned to the selected administrator.
Add Permission Adds an entry to the Administrator list.
Remove Permission Removes the selected entry from the Administrator list.

Layer 2 Firewall Sub-Policy Properties dialog box

Use this dialog box to define the properties of a Layer 2 Firewall Sub-Policy.

Option Definition
General tab
Name Specifies the element name.
Category Shows the assigned category.
Select Opens the Category Selection dialog box.
Comment An optional comment for your own reference.
Permissions tab
Access Control Lists Specifies administrator permissions for the policy.
Add Opens the Select Element dialog box.
Remove Removes the policy from the selected Access Control List.
Permissions
Administrator Shows the administrator who is allowed to view or edit the policy.
Administrator Role Shows the role or roles assigned to the selected administrator.
Add Permission Adds an entry to the Administrator list.
Remove Permission Removes the selected entry from the Administrator list.

Layer 2 Interface Sub-Policy Properties dialog box

Use this dialog box to define the properties of a Layer 2 Interface Sub-Policy.

Option Definition
General tab
Name The name of the element.
Category

(Optional)

Includes the element in predefined categories. Click Select to select a category.
Comment

(Optional)

A comment for your own reference.
Option Definition
Permissions tab
Access Control Lists Specifies administrator permissions for the policy.
Add Opens the Select Element dialog box.
Remove Removes the policy from the selected Access Control List.
Permissions
Administrator Shows the administrator who is allowed to view or edit the policy.
Administrator Role Shows the role or roles assigned to the selected administrator.
Add Permission Adds an entry to the Administrator list.
Remove Permission Removes the selected entry from the Administrator list.