Product Documentation

Configuring Classic Policies and Expressions

May 25, 2015

Some NetScaler features use classic policies and classic expressions. As with default syntax policies, classic policies can be either global or specific to a virtual server. However, to a certain extent, the configuration method and bind points for classic policies are different from those of default syntax policies. As with default syntax expressions, you can configure named expressions and use a named expression in multiple classic policies.

The following table summarizes NetScaler features that can be configured by using classic policies.

Table 1. Policy Type and Bind Points for Policies in Features That Use Classic Policies

Feature

Virtual Servers

Supported Policies

Policy Bind Points

How You Use the Policies

System features, Authentication

None

Authentication policies

Global

For the Authentication feature, policies contain authentication schemes for different authentication methods. For example, you can configure LDAP and certificate-based authentication schemes.

SSL

None

SSL policies

  • Global
  • Load Balancing virtual server

To determine when to apply an encryption function and add certificate information to clear text.

To provide end-to-end security. After a message is decrypted, the SSL feature re-encrypts clear text and uses SSL to communicate with back-end Web servers.

Content Switching

(Can use either classic or default syntax policies, but not both)

Content Switching virtual server

Content Switching policies

  • Content Switching virtual server
  • Cache Redirection virtual server

To determine what server or group of servers is responsible for serving responses, based on characteristics of an incoming request.

Request characteristics include device type, language, cookies, HTTP method, content type and associated cache server.

Compression

None

HTTP Compression policies

  • Global
  • Content Switching virtual server
  • Load Balancing virtual server
  • SSL Offload virtual server
  • Service

To determine what type of HTTP traffic is compressed.

Protection features, Filter

None

Content Filtering policies

  • Global
  • Content Switching virtual server
  • Load Balancing virtual server
  • SSL Offload virtual server
  • Service

To configure the behavior of the filter function.

Protection features, SureConnect

None

SureConnect policies

  • Load Balancing virtual server
  • SSL Offload virtual server
  • Service

To configure the behavior of the SureConnect function.

Protection features, Priority Queuing

None

Priority Queuing policies

  • Load Balancing virtual server
  • SSL Offload virtual server

To configure the behavior of the Priority Queuing function.

HTML Injection

None

HTML Injection Policies

  • Global
  • Load Balancing virtual server
  • Content Switching virtual server
  • SSL Offload virtual server

To enable the NetScaler to insert text or scripts into an HTTP response that it serves to a client.

AAA - Traffic Management

None

Authentication, Authorization, Auditing, and Session policies

  • Authentication virtual server (authentication, session, and auditing policies)
  • Load Balancing or Content Switching virtual server (authorization and auditing policies)
  • Global (session and audit policies)
  • AAA group or user (session, auditing, and authorization policies)

To configure rules for user access to specific sessions and auditing of user access.

Cache Redirection

Cache Redirection virtual server

Cache Redirection policies

Map policies

Cache Redirection virtual server

To determine whether HTTP responses are served from a cache or an origin server.

Application firewall

None

Application firewall policies

Global

To identify characteristics of traffic and data that should or should not be admitted through the firewall.

NetScaler Gateway

VPN server

Pre-Authentication policies

  • AAA Global
  • VPN vserver

To determine how the NetScaler Gateway performs authentication, authorization, auditing, and other functions, and to define rewrite rules for general Web access using the NetScaler Gateway.

Authentication policies

  • System Global
  • AAA Global
  • VPN vserver

Auditing policies

  • User
  • User group
  • VPN vserver

Session policies

  • VPN Global
  • User
  • User Group
  • VPN vserver

Authorization policies

  • User
  • User Group

Traffic policies

  • VPN Global
  • User
  • User Group
  • VPN vserver

TCP Compression policies

VPN Global