Symantec 10521146 Administration Guide - Page 115
Setting policies to interfaces, Applying to save changes, Overriding blocking rules globally, Policies
UPC - 037648268134
View all Symantec 10521146 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 115 highlights
Protection policies 115 Using protection policies Setting policies to interfaces You can immediately set the Symantec protection policies to work by setting them to specific node interfaces and applying the settings. You can set protection policies to both software and appliance nodes, with some important differences. To apply a protection policy 1 In the Policies tab, select a protection policy to apply. 2 Click Set to Interfaces. 3 In Apply Policy to Selected Interface, select the interface, in-line pair, or interface group to apply this policy to, and click OK. 4 In the Protection Policies tab, click Apply to save and apply changes. Note: In a cluster, the master node stores the definitions of protection policies that you apply to slave nodes. If the master node fails or is demoted to slave, the link is broken between applied policies and their definitions. Slave nodes sometimes then appear to have viable policies applied that in reality are disabled. Prevent losing policies through failure by backing up the master node. Prevent losing policies when demoting by reapplying policy definitions to the new master node. See "Backing up and restoring" on page 297. Applying to save changes You can edit multiple protection policies and save multiple changes by clicking Apply. Before you apply protection policies, make sure to set the policies to interfaces. See also "Setting policies to interfaces" on page 115. To apply a protection policy 1 In the Policies tab, select a protection policy to apply. 2 In the Protection Policies tab, click Apply to save and apply changes. Overriding blocking rules globally The Symantec Network Security 7100 Series now provides the ability to prevent malicious traffic from entering your network. If sensors indicate that unexpected traffic is about to penetrate the firewall or router, you can block it