No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Web-based Configuration Guide

AR650, AR1600, and AR6100 V300R003

This document describes how to configure and maintain your routers using the web platform.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Policy Application

Policy Application

Context

A security policy controls traffic forwarding on devices and detects the traffic content.

After policy application is configured, a device performs content security detection on all traffic between the source and destination zones. If traffic matches the rules of the security policy, the device takes actions defined by the security policy, securing enterprise networks.

Prerequisite

To use the deep security function, you must enable it. By default, the deep security function is disabled.

  1. Open the Service Management page.

    Log in to the web system, choose System Management > System Configuration > Service Management to open the Service Management page, as shown in Figure 14-25.

    Figure 14-25  Service Management tab page

  2. Enable or disable deep security.
    • Enable deep security.

      In the Service Management area, click Enabled > Apply of Value-added security service to enable the deep security function.

    • Disable deep security.

      To disable deep security, click Disable and Apply, and restart the device.

      After the device restarts, the deep security configurations are deleted.

Procedure

  • Creating an applied policy
    1. Access the Policy Application tab page, as shown in Figure 14-26.

      Log in to the tab pageDeep Security and choose Policy Application.

      Figure 14-26  Policy Application tab page

    2. In the Policy Application List area, click Create and set policy application parameters. Table 14-10 describes the parameters, as shown in Figure 14-27.

      Figure 14-27  Create Policy Application tab page

    3. Click OK.

    Table 14-10  Policy application parameters

    Parameter

    Description

    Source zone

    Security zone from which traffic is sent, which has a high security. The source zone can be the default or user-defined security zone.

    For details about how to configure a security zone, see Zone Policy.

    Destination zone

    Security zone for which traffic is destined, which has a low priority. The destination zone must exist.

    For details about how to configure a security zone, see Zone Policy.

    ACL name

    Object on which content security detection is performed, such as a period of time and IP address segment. The ACL rule must exist.

    NOTE:

    The policy takes effect only when the ACL rule is set to permit.

    For details about how to configure an ACL, see ACL.

    Intrusion Defense Policy

    The intrusion defense policy must exist.

    After an intrusion defense policy is configured in the policy application list, a device compares the traffic content against the intrusion defense library to detect attacks such as overflow attacks in the buffer, Trojan horses, backdoor attacks, and worm viruses, defending against attacks at the application layer.

    For details about how to configure an intrusion defense policy, see Intrusion Defense Policy.

    URL Filtering Policy

    The URL filtering policy must exist.

    After a URL filtering policy is configured in the policy application list, a device controls URLs that users can access to allow or forbid the users to access specified website resources.

    For details about how to configure a URL filtering policy, see URL Filtering Policy.

  • Modifying an applied policy
    1. In the Policy Application List area, select a policy and click on the right.
    2. In the Modify Policy Application List dialog box that is displayed, modify the parameters. The parameters are the same as those in Figure 14-27
    3. Click OK.
  • Deleting an applied policy
    1. In the Policy Application List area, select a policy and click Delete.
    2. In the dialog box that is displayed, click OK.
Download
Updated: 2019-04-12

Document ID: EDOC1100041803

Views: 31341

Downloads: 71

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next