Fortinet white logo
Fortinet white logo

Administration Guide

Managing policies

Managing policies

Policies in policy packages can be created and managed by selecting an ADOM, and then selecting the policy package whose policies you are configuring. For some policy types, sections can be added to the policy list to help organize your policies, and the policies can be listed in sequence, or by interface pairs.

On the Policy & Objects > Policy Packages pane, the tree menu lists the policy packages and the policies in each policy package. The policies that are displayed for each policy package are controlled by the display options. See Display options for more information.

You can configure the following policies for a policy package:

IP policies

Virtual wire pair policy

NAT policies

Proxy policy

Hyperscale policies

Central SNAT

Central DNAT

DoS policies

Interface policies

Multicast policy

Local in policies

Traffic shaping policy

Zero Trust Network Access (ZTNA) rules

Various options are also available from column specific right-click menus, for more information see Column options.

If workspace or workflow is enabled, the ADOM must be locked before changes can be made. See Locking an ADOM.

Not all policy and object options are enabled by default. To configure the enabled options, from the Tools menu, select Display Options.

Section view will be disabled if one or more policies are using the Any interface, or if one or more policies are configured with multiple source or destination interfaces.

Managing policies

Managing policies

Policies in policy packages can be created and managed by selecting an ADOM, and then selecting the policy package whose policies you are configuring. For some policy types, sections can be added to the policy list to help organize your policies, and the policies can be listed in sequence, or by interface pairs.

On the Policy & Objects > Policy Packages pane, the tree menu lists the policy packages and the policies in each policy package. The policies that are displayed for each policy package are controlled by the display options. See Display options for more information.

You can configure the following policies for a policy package:

IP policies

Virtual wire pair policy

NAT policies

Proxy policy

Hyperscale policies

Central SNAT

Central DNAT

DoS policies

Interface policies

Multicast policy

Local in policies

Traffic shaping policy

Zero Trust Network Access (ZTNA) rules

Various options are also available from column specific right-click menus, for more information see Column options.

If workspace or workflow is enabled, the ADOM must be locked before changes can be made. See Locking an ADOM.

Not all policy and object options are enabled by default. To configure the enabled options, from the Tools menu, select Display Options.

Section view will be disabled if one or more policies are using the Any interface, or if one or more policies are configured with multiple source or destination interfaces.