Create new policy packages
To create a new global policy package:
- Ensure that you are in the Global ADOM.
- Go to Policy & Objects.
- From the Policy Package dropdown menu, select New or right-click beneath Policy Packages in the tree menu and select New. The Create New Policy Package window opens.
- Enter a name for the new global policy package.
- (Optional) Click the In Folder button to select a folder.
- (Optional) Select the Central NAT checkbox to enable Central SNAT and Central DNAT policy types.
- Click OK to add the policy package.
To create a new policy package:
- Ensure that you are in the correct ADOM.
- Go to Policy & Objects .
- From the Policy Package dropdown menu select New or right-click beneath Policy Packages in the tree menu and select New. The Create New Policy Package window opens.
- Configure the following details, then click OK to create the policy package.
Name
Enter a name for the new policy package.
Central NAT
Select the Central NAT check box to enable Central SNAT and Central DNAT policy types.
NGFW Mode
Select the NGFW mode, Profile-based (default) or Policy-based.
SSL/SSH Inspection
Select an SSL/SSH inspection type from the dropdown list.
This option is only available for version 5.6 and later ADOMs when NGFW Mode is Policy-based.
Consolidated Firewall Mode
Toggle the Consolidated Firewall Mode button to ON to create a consolidated IPv4 and IPv6 policy. By default, the button is turned to OFF.
Policy Offload Level
Select the policy offload level. When configuring hyperscale policies, select Full Offload.
In Folder
Optionally, click the In Folder button to select a folder for the package.
The Consolidated Firewall Mode option is not available in the Global Database. |
After turning the Consolidated Firewall Mode option to ON, and creating a consolidated IPv4 and IPv6 policy, turning the Consolidated Firewall Mode to OFF will make the consolidated IPv4 and IPv6 policy inaccessible. To access the consolidated IPv4 and IPv6 policy, you must keep the Consolidated Firewall Mode option ON. |