In the [Properties] tab, it is mandatory to define a name and description for the policy and optionally can be defined Tags that help in the organization and facilitate the search for policies.



IPv4 - Side Tabs - Properties


This tab contains the panels:


Next, we will analyze the function of each panel field.


General


Below is a description of the function of each field on the form displayed in the [General] panel:


IPv4Properties - General


  • Name: Define name for policy;
  • DescriptionDefine description for policy;
  • Action: Determines the behavior of the policy in question, having as possibilities:
    • Allow: As the name says, the Allow action serves to grant access and leave traffic free of blockages;
    • Deny: The Deny action blocks traffic but does not inform the source address that the service is being blocked. That is, in this scenario, for the address of the connection source, it is not possible to know if there is a firewall intercepting the connection or simply the service is not active;
    • Reject: The Reject action notifies the source address that the service has been blocked by a firewall, which sends an ICMP packet indicating that the service is inaccessible.
  • Tags: This option allows you to define Tags so that the administrator can use them as a “Filter” for their searches based on their definitions. By default, the system defines a “name” for the Tags by type of resource in use enabled in the policy;
  • Policy GroupThrough this option it is possible to include the policy in question within a group of policies;
  • Traffic Monitor: When this option is checked[], the matching information from the sessions with the created policy, will be collected by the monitoring service.
  • Traffic Logging[]: This checkbox, if enabled, provides the option to generate a report for a particular policy. The Traffic Loging options are configured in Settings - System - Logging tab.


If you intend to use Netflow, it must be optionally enabled by the administrator in the system's Traffic Logging settings.


Schedule


Below is a description of the function of each form field displayed on the [Schedule] panel:


IPv4 – Properties - Schedule


  • Time[]: If the checkbox is selected, it determines whether the rule will apply on working days (“Business”), weekends (“Weekend”) or on any other object of the type "Time" that has been previously created;
  • Schedule[]: If the checkbox is selected, it allows to determine if the rule will apply in relation to a “Period/Date” object that has been previously created.


Next we will analyze the contents of the Connection tab.

Remaining tabs:

  • No labels