Manual Chapter: Using Existing Security Policies
Applies To:
F5 SSL Orchestrator
- 17.1.1
To use an existing policy:
- Select Use Existing and select the policy to use from the drop-down list.
- For L3 Inbound/Application topology, select the policy type from the Provider list. Only the published policies for the provider are populated in the second drop-down list. Select the policy to use from the second drop-down list. Any policy not created via SSL Orchestrator Guided Configuration cannot be used for rendering. The Provider field is read-only if the configuration is already deployed and you choose the Use Existing option to edit it.
- The rules already associated with the policy are displayed. Click Add to create a new security policy rule.
- Select a condition from the first drop-down list for which you want to configure the rule. Specify conditions, match type (match any/match all), operators (is) or (is not) that compare or negate the selected value, and choose the action (Reject/Allow/Abort/Redirect) for that traffic. Select a service chain and specify if SSL proxy traffic will be intercepted or bypassed. Use the + sign to add additional conditions and the x sign to remove any unwanted rule condition.
- If you select the Allow option, select a service chain and specify if SSL proxy traffic will be intercepted or bypassed.
- If you select the Redirect option, specify the remote URL to which you want to redirect the traffic. The traffic is intercepted and redirected to the specified URL.
Refer to the Using Conditions in Rules section for recommended tips.
- Select Proxy Connect if you want to add an upstream explicit proxy to your security rule chaining. You can add multiple proxy devices, or pool members, as necessary.
- Click Save Draft or Save & Next before you leave the screen.