CHAPTER 9: Security Policy Examples
214 Vcontroller
2 Create a schedule with these parameters:
NAME
9 to 5, Monday - Friday
DESCRIPTION
Schedule for 9:00am - 5:00pm, Monday - Friday
ENABLE SCHEDULER
Checked
TYPE
Weekly
DAYS/HOURS
Monday - Friday, From 9:00 To 17:00
Example 3: Allowing unlimited access for
authorized users
Chambers Enterprises, like the company in the previous
example, wants to block Internet access during working
hours. However, it wants to make exceptions for certain
authorized users.
To achieve this, you would make use of the user-authenti-
cation firewall feature and replace the “Deny_HTTP” pol-
icy with a scheduled “Allow_User” policy. When this
revised policy is in effect (during office hours), only autho-
Name Src Dest Service In Firewall NAT/LB Schd
1 Deny_
HTTP
ANY ANY HTTP 0 Block DNAT 9to5
M-F
2 Allow_
HTTP
ANY ANY HTTP 0 Pass DNAT
3 Allow_
MAIL
ANY ANY POP3 0 Pass DNAT
4 Deny_
Private
ANY ANY ANY 0 Block
5 Deny_
Public
ANY ANY ANY 1 Block
To Next Page
Loading...
