USG20(W)-VPN Series User’s Guide
315
CHAPTER 20
Security Policy
20.1 Overview
A security policy is a template of security settings that can be applied to specific traffic at specific
times. The policy can be applied:
• to a specific direction of travel of packets (from / to)
• to a specific source and destination address objects
• to a specific type of traffic (services)
• to a specific user or group of users
• at a specific schedule
The policy can be configured:
• to allow or deny traffic that matches the criteria above
• send a log or alert for traffic that matches the criteria above
• to apply the actions configured in the UTM profile (content filter, ) to traffic that matches the
criteria above
Note: Security policies can be applied to both IPv4 and IPv6 traffic.
The security policies can also limit the number of user sessions.
The following example shows the USG’s default security policies behavior for a specific direction of
travel of packets. WAN to LAN traffic and how stateful inspection works. A LAN user can initiate a
Telnet session from within the LAN zone and the USG allows the response. However, the USG blocks
incoming Telnet traffic initiated from the WAN zone and destined for the LAN zone.
Figure 210 Default Directional Security Policy Example
20.2 One Security
OneSecurity.com is a website with guidance on configuration walkthroughs, troubleshooting, and
other information.
To Next Page
Loading...
