Manual Chapter : Using Existing Security Policies

Applies To:

F5 SSL Orchestrator

  • 17.1.0
Using Existing Security Policies

To use an existing policy:
  1. Select Use Existing and select the policy to use from the drop-down list.
  2. For L3 Inbound/Application topology, select the policy type from the Provider list. Only the published policies for the provider are populated in the second drop-down list. Select the policy to use from the second drop-down list.
    Any policy not created via SSL Orchestrator Guided Configuration cannot be used for rendering.
    The Provider field is read-only if the configuration is already deployed and you choose the Use Existing option to edit it.
  3. The rules already associated with the policy are displayed. Click Add to create a new security policy rule.
  4. From the first drop-down list, select the condition for which you want to configure the rule. Specify conditions, match type (match any/match all), and the operator (is or is not) that compares or negates the selected value, and choose the action (reject/allow/abort) for that traffic. Select a service chain and specify whether SSL proxy traffic will be intercepted or bypassed. Use the + sign to add additional conditions and the x sign to remove any unwanted rule condition.
    Refer to the Using Conditions in Rules section for recommended tips.
  5. Select the Server Certificates Status Check checkbox to add a new per-request policy agent for server certificate status and to allow administrators to select ignore/mask options and generate a blocking page for untrusted and expired server certificates.
  6. Select Proxy Connect if you want to add an upstream explicit proxy to your security rule chaining. You can add multiple proxy devices, or pool members, as necessary.
  7. Click Save Draft or Save & Next before you leave the screen.