Fortinet black logo

Administration Guide

Managing policies

Managing policies

Policies in policy packages can be created and managed by selecting an ADOM, and then selecting the policy package whose policies you are configuring.

For some policy types, sections can be added to the policy list to help organize your policies, and the policies can be listed in sequence, or by interface pairs. When creating a section, you can optionally assign the section title a color to help better organize your policies.

On the Policy & Objects > Policy Packages pane, the tree menu lists the policy packages and the policies in each policy package. The policies that are displayed for each policy package are controlled by the feature visibility. See Feature visibility for more information.

You can configure the following policies for a policy package:

Firewall policy

Firewall virtual wire pair policy

SSL inspection and authentication policy

Virtual wire pair SSL inspection and authentication policy

Security policy

Security virtual wire pair policy

Proxy policy

Central SNAT policy

Central DNAT policy

DoS policy

Interface policy

Multicast policy

Local-in policy

Traffic shaping policy

Authentication rule

Zero Trust Network Access (ZTNA) rule

FortiProxy firewall policy

FortiProxy proxy auto-configuration (PAC) policy

Hyperscale policies

Various options are also available from column specific right-click menus, for more information see Column options.

If workspace or workflow is enabled, the ADOM must be locked before changes can be made. See Locking an ADOM.

Not all policy and object options are enabled by default. To configure the enabled options, from the Tools menu, select Feature Visibility.

Section view will be disabled if one or more policies are using the Any interface, or if one or more policies are configured with multiple source or destination interfaces.

Managing policies

Policies in policy packages can be created and managed by selecting an ADOM, and then selecting the policy package whose policies you are configuring.

For some policy types, sections can be added to the policy list to help organize your policies, and the policies can be listed in sequence, or by interface pairs. When creating a section, you can optionally assign the section title a color to help better organize your policies.

On the Policy & Objects > Policy Packages pane, the tree menu lists the policy packages and the policies in each policy package. The policies that are displayed for each policy package are controlled by the feature visibility. See Feature visibility for more information.

You can configure the following policies for a policy package:

Firewall policy

Firewall virtual wire pair policy

SSL inspection and authentication policy

Virtual wire pair SSL inspection and authentication policy

Security policy

Security virtual wire pair policy

Proxy policy

Central SNAT policy

Central DNAT policy

DoS policy

Interface policy

Multicast policy

Local-in policy

Traffic shaping policy

Authentication rule

Zero Trust Network Access (ZTNA) rule

FortiProxy firewall policy

FortiProxy proxy auto-configuration (PAC) policy

Hyperscale policies

Various options are also available from column specific right-click menus, for more information see Column options.

If workspace or workflow is enabled, the ADOM must be locked before changes can be made. See Locking an ADOM.

Not all policy and object options are enabled by default. To configure the enabled options, from the Tools menu, select Feature Visibility.

Section view will be disabled if one or more policies are using the Any interface, or if one or more policies are configured with multiple source or destination interfaces.