Actions on filter policy rules
|Search||This field makes it possible to perform searches by occurrence, letter or word.
|New rule||Inserts a predefined line or a blank line after the selected line.
5 choices are available: authentication, SSL inspection and explicit HTTP proxy rules will be defined via a wizard in a separate window:
Separators indicate the number of grouped rules and the numbers of the first and last rules in the form: “Rule name (contains the total number of rules, from first to last)”.
You can collapse or expand the node of the separator in order to show or hide the rule grouping. You can also copy/paste a separator from one location to another.
You can specify as the Destination URL categories or groups that are exempt from the rule, and therefore accessible without authentication (the web object authentication_bypass contains by default Microsoft update sites). Access to these sites without authentication can therefore also benefit from the firewall’s security inspections.
In order to Inspect encrypted traffic through the second zone in the wizard window, you will need to define the configuration of the Inspection profile, by selecting one of those you have defined earlier, or leave it in “Auto” mode. This automatic mode will apply the inspection relating to the source of the traffic (cf Application protection>Inspection profile).
You can also enable the Antivirus or Antispam and select the URL, SMTP, FTP or SSL filter policies (checks the CN field of the certificate presented).
|Delete||Deletes the selected line.|
|Move up||Places the selected line before the line just above it.|
|Move down||Places the selected line after the line just below it.|
|Expand all||Expands all rules in the tree.|
|Collapse all||Collapses all folders in the directory.|
|Cut||Cuts a filter rule in order to paste it.|
|Copy||Copies a filter rule in order to duplicate it.|
|Paste||Duplicates a filtering rule after having copied it.|
|Search in logs||Whenever a filter rule rule is selected, click on this button to automatically search for the name of the rule in the "All logs" view (Logs > Audit logs > Views module). If the selected rule has not been named, a warning message will indicate that the search cannot be performed.|
|Search in monitoring||Whenever a filter rule is selected, click on this button to automatically search for the name of the rule in the connection monitoring module.|
|Reset rules statistics||Clicking on this button will reinitialize the digital and graphical counters showing how filter rules are used, located in the first column of the table.|
|Reset columns||When you click on the arrow on the right in the field containing a column’s name (example: Status), you will be able to display additional columns or remove columns so that they will not be visible on the screen, by checking or unchecking them.
If you click quickly 10 times on the “Up” button, you will see that the rule moves up but the waiting window will only appear when you leave the button for 2 or 3 seconds. And at the end, only a single command will be executed. Rules can be moved more much fluidly as such.