Product Documentation

Policies

An administrator can define network and application policies. Policies are defined by the administrator. These policies help to enable traffic steering, Quality of Service (QoS), and filtering capabilities for applications.

To view policies, navigate to Configuration > Policies.

localized image

Application policy

You can set application policies to control traffic steering and Quality of Service (QoS) for the desired applications, or user-defined traffic.

Application policies are defined in the form of multiple rules which get applied in the user-defined order.

localized image

Create new rule

An administrator needs to place the defined rule based on the priority. The priorities such as Top of the List, Bottom of the List, or in between two existing entries.

It is recommended to have more specific rules for applications or sub applications at the top, followed by less specific rules for the ones representing broader traffic.

For example, you can create specific rules for both Facebook Messenger (sub application) and Facebook (application). Put Facebook Messenger rule on top of the Facebook rule so that the Facebook Messenger rule gets hit. If the order is reversed, Facebook Messenger being a subapplication of Facebook application, Facebook Messenger rule would not get hit. It is important to get the order right.

Provide a name for each rule, and select routing domain as applicable.

localized image

Match criteria

Select traffic for a defined rule such as:

  • An application
  • Custom defined application
  • Group of applications or IP protocol based rule

Rule scope

Specify whether a defined rule can be applied globally across all the sites in the network or on certain specific sites.

Application steering

Specify how the traffic needs to be steered.

QoS Settings

This section is currently applicable only for the overlay virtual path traffic. Here you get to specify the priority of traffic (High, Medium, or Low) and the traffic characteristics (Real-time, Interactive, and Bulk) to help suitably prioritize the application, application group, or the traffic in a defined rule. Prioritization is in terms of share of bandwidth available during congestion.

QoS class bandwidth settings can be found at Network Configuration > Profiles > QoS Profiles.

localized image

Firewall policy

The Firewall Policy settings are obtained from the policy profile. Firewall policy provides security that ensures that network traffic is restricted only to a specific policy that dictates through its match criteria.

You can create rules for firewall policy. Select the Create New Rule option to configure firewall rules that control transit traffic that is classified by matching its source and destination zones and applications. You can also allow, deny, and log traffic from a specific domain.

Create new rule

An administrator needs to place the defined rule based on the priority such as Top of the List, Bottom of the List, or in between two existing entries.

It is recommended to have more specific rules for applications or subapplications at the top, followed by less specific rules for the ones representing broader traffic.

Provide a name for each rule, and select routing domain as applicable.

localized image

Match criteria

Select traffic for a defined rule such as:

  • An application
  • Custom defined application
  • Group of applications or IP protocol based rule

Rule scope

Specify whether a defined rule can be applied globally across all the sites in the network or on certain specific sites.

Actions

In the Action drop-down menu, you can click an option to allow or deny the traffic based on the requirement.

localized image

You can restrict the Source and Destination zone for the selected application type.

localized image

Save the page once all the entries are filled with mandatory values.

localized image

Policies