Configure Threat Defense Service Policies

You can use Threat Defense Service Policies to apply services to specific traffic classes. For example, you can use a service policy to create a timeout configuration that is specific to a particular TCP application, as opposed to one that applies to all TCP applications. A service policy consists of multiple actions or rules applied to an interface or applied globally.

Procedure


Step 1

Choose Policies > Access Control, and click Edit (edit icon) for the access control policy whose Threat Defense Service Policy you want to edit.

Step 2

Click Advanced Settings from the More drop-down arrow at the end of the packet flow line.

Step 3

Click Edit (edit icon) in the Threat Defense Service Policy group.

A dialog box opens that shows the existing policy. The policy consists of an ordered list of rules, divided into global rules (which apply to all interfaces) and interface-based rules. The table shows the interface object and the extended access control list name (which together define the traffic class for the rule), and the services applied.

Step 4

Do any of the following:

  • Click Add Rule to create a new rule. See Configure a Service Policy Rule.

  • Click Edit (edit icon) to edit an existing rule. See Configure a Service Policy Rule.

  • Click Delete (delete icon) to delete a rule.

  • Click a rule and drag it to a new location to move it. You cannot drag rules between the interface and global lists; instead, you must edit the rule to change the interface/global setting. The first rule in the list that matches a connection is applied to the connection.

Step 5

Click OK when you are finished editing the policy.

Step 6

Click Save on the Advanced window. The changes are not saved until you click Save.
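
Because the first rule in the list that matches a connection is the one applied (Step 4), a broad rule placed above a narrower one silently overrides it. The following is an added example, not Cisco code: a simplified Python model of one ordered rule list that finds such shadowed rules before you save. The rule names, networks, and timeout values are constructed, and each rule's traffic class is reduced to a destination network and a TCP port as an assumption.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    dest: str             # destination network (simplified stand-in for the ACL)
    port: Optional[int]   # TCP destination port; None means any port
    idle_timeout: str     # service applied by the rule (constructed value)

    def matches(self, dst_ip: str, dst_port: int) -> bool:
        return (ip_address(dst_ip) in ip_network(self.dest)
                and self.port in (None, dst_port))

    def covers(self, other: "Rule") -> bool:
        """True if every connection `other` matches is also matched by self."""
        return (ip_network(other.dest).subnet_of(ip_network(self.dest))
                and (self.port is None or self.port == other.port))

def first_match(rules, dst_ip, dst_port):
    """Return the rule applied to a connection: the first one that matches."""
    return next((r for r in rules if r.matches(dst_ip, dst_port)), None)

def shadowed(rules):
    """Return (shadowed, shadowing) name pairs for rules that can never apply."""
    pairs = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if earlier.covers(rule):
                pairs.append((rule.name, earlier.name))
                break
    return pairs

# Constructed sample rules: a Telnet-specific timeout and a catch-all TCP rule.
TELNET = Rule("telnet-short-idle", "10.1.1.0/24", 23, "0:10:00")
ALL_TCP = Rule("all-tcp-default", "10.0.0.0/8", None, "1:00:00")

BAD_ORDER = [ALL_TCP, TELNET]    # catch-all first: Telnet rule never applies
GOOD_ORDER = [TELNET, ALL_TCP]   # specific rule first, catch-all last

if __name__ == "__main__":
    for label, rules in (("bad", BAD_ORDER), ("good", GOOD_ORDER)):
        hit = first_match(rules, "10.1.1.5", 23)
        print(label, "->", hit.name, hit.idle_timeout, "shadowed:", shadowed(rules))
```

Real extended ACLs also match on source address and protocol, so treat a clean result from this model as a first pass rather than proof that no rule is shadowed.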