About This Document
Related Version
This document is based on the following versions and can be used as a reference for other Huawei firewall products.
Product |
Version |
|---|---|
USG6000 Series |
V500R001C00 and later versions |
USG9500 Series |
V500R001C00 and later versions |
USG6000E Series |
V600R006C00 and later versions |
Intended Audience
This document describes the basic knowledge of Huawei firewall security policies, basic principles for configuring and managing security policies, and how to deploy security policies. Finally, this document provides guidance for configuring security policies for common services.
This document is intended for network administrators who are responsible for configuring and managing firewalls. You should be familiar with the basic knowledge of Ethernet and have a deep understanding of the protocol interaction process within common services.
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol |
Description |
|---|---|
Indicates a hazard with a high level of risk which, if not avoided, will result in death or serious injury. |
|
Indicates a hazard with a medium level of risk which, if not avoided, could result in death or serious injury. |
|
Indicates a hazard with a low level of risk which, if not avoided, could result in minor or moderate injury. |
|
Indicates a potentially hazardous situation which, if not avoided, could result in equipment damage, data loss, performance deterioration, or unanticipated results. NOTICE is used to address practices not related to personal injury. |
|
Supplements the important information in the main text. NOTE is used to address information not related to personal injury, equipment damage, and environment deterioration. |
Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention |
Description |
|---|---|
Boldface |
The keywords of a command line are in boldface. |
Italic |
Command arguments are in italics. |
[ ] |
Items (keywords or arguments) in brackets [ ] are optional. |
{ x | y | ... } |
Optional items are grouped in braces and separated by vertical bars. One item is selected. |
[ x | y | ... ] |
Optional items are grouped in brackets and separated by vertical bars. One item is selected or no item is selected. |
{ x | y | ... } * |
Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected. |
[ x | y | ... ] * |
Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected. |
&<1-n> |
The parameter before the & sign can be repeated 1 to n times. |
# |
A line starting with the # sign is comments. |
GUI Conventions
The GUI conventions that may be found in this document are defined as follows.
Convention |
Description |
|---|---|
Boldface |
Buttons, menus, parameters, tabs, window, and dialog titles are in boldface. For example, click OK. |
> |
Multi-level menus are in boldface and separated by the ">" signs. For example, choose . |
Update History
Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues.
- Update in Issue 05 (2023-04-04)
Referencing Objects in Security Policies is added.
- Update in Issue 04 (2021-12-31)
How to Configure Security Policies to Allow Destination NAT is modified.
- Update in Issue 03 (2021-8-17)
Added the operation guide for the NAT Server to use public IP addresses to match security policies.
- Update in Issue 02 (2021-05-19)
How to Optimize Security Policies is added.
- Update in Issue 01 (2020-11-28)
Initial commercial release.