UAG Series User’s Guide
289
CHAPTER 25
Security Policy
25.1 Overview
A security policy is a template of security settings that can be applied to specific traffic at specific
times. The policy can be applied:
• to a specific direction of travel of packets (from / to)
• to a specific source and destination address objects
• to a specific type of traffic (services)
• to a specific user or group of users
• at a specific schedule
The policy can be configured:
• to allow or deny traffic that matches the criteria above
• send a log or alert for traffic that matches the criteria above
• to apply the actions configured in the UTM profiles (application patrol, content filter) to traffic
that matches the criteria above
The security policies can also limit the number of user sessions.
The following example shows the UAG’s default security policy behavior for WAN to LAN traffic and
how stateful inspection works. A LAN user can initiate a Telnet session from within the LAN zone
and the UAG allows the response. However, the UAG blocks Telnet traffic initiated from the WAN
zone and destined for the LAN zone.
Figure 205 Default Security Policy Action
25.1.1 What You Can Do in this Chapter
•Use the Security Policy Control screens (Section 25.2 on page 291) to enable or disable policy
control and asymmetrical routes, and manage and configure policies.
•Use the Session Control screens (see Section 25.3 on page 296) to limit the number of
concurrent NAT/security policies sessions a client can use.
To Next Page
Loading...
