Using Existing Security Policies
To use an existing policy:
- Select Use Existing and select the policy to use from the drop-down list.
- For L3 Inbound/Application topology, select the policy type from the Provider list. Only the published policies for the provider are populated in the second drop-down list. Select the policy to use from the second drop-down list.
  Note: Any policy not created via SSL Orchestrator Guided Configuration cannot be used for rendering.
  Note: The Provider field is read-only if the configuration is already deployed and you choose the Use Existing option to edit it.
- The rules already associated with the policy are displayed. Click Add to create a new security policy rule.
- Select a condition from the first drop-down list for which you want to configure the rule. Specify the conditions, the match type (match any/match all), and the operator (is) or (is not) that compares or negates the selected value, and choose the action (Reject/Allow/Abort/Redirect) for that traffic. Select a service chain and specify if SSL proxy traffic will be intercepted or bypassed. Use the + sign to add additional conditions and the x sign to remove any unwanted rule condition.
  - If you select the Allow option, select a service chain and specify if SSL proxy traffic will be intercepted or bypassed.
  - If you select the Redirect option, specify the remote URL to which you want to redirect the traffic. The traffic is intercepted and redirected to the specified URL.
  Note: Refer to the Using Conditions in Rules section for recommended tips.
- Select Proxy Connect if you want to add an upstream explicit proxy to your security rule chaining. You can add multiple proxy devices, or pool members, as necessary.
- Click Save Draft or Save & Next before you leave the screen.