About Policy Properties

Each policy type has a default definition, which consists of settings that are appropriate for most organizations. However, you can modify policy settings for your particular business purposes, or add other settings such as traffic management and operating schedules.

Mobile VPN policies are created and operate in the same way as firewall policies. You must, however, specify a Mobile VPN group for the policy.

Policy Properties in Fireware Web UI

When you add a new policy to your configuration, the Firewall Polices / Add Firewall Policy page automatically appears after you select the policy type and click Add Policy. To set properties for an existing policy, on the Firewall Policies page, double-click the policy to open the Firewall Polices / Edit page.

Settings Tab

On the Settings tab, you can set basic information about a policy, such as whether it allows or denies traffic and set access rules that define the source and destination of traffic the policy handles. You can also configure policy-based routing, static NAT, bandwidth and time quotas, or server load balancing. In Fireware Web UI, the Settings tab also shows the port and protocol for the policy, as well as an optional description of the policy. You can use the settings on this tab to set logging, notification, automatic blocking, and timeout preferences.

For the IMAP-Proxy you also configure TLS Support. To enable content inspection, select an option from the TLS Support drop-down list. For more information, see IMAP-Proxy: TLS.

TLS Support for the IMAP-Proxy is available in Fireware OS v12.1 and higher.

• Set Access Rules for a Policy
• Configure Policy-Based Routing
• Configure Static NAT
• Configure Server Load Balancing
• Set Logging and Notification Preferences
• About Quotas
• Block Sites Temporarily with Policy Settings
• Set a Custom Idle Timeout
• About Policy Tags and Filters

Application Control Tab

On the Application Control tab, you can select the Application Control action for the policy. You can also create a new Application Control action. For more information about Application Control actions in policies, see Enable Application Control in a Policy.

Traffic Management Tab

On the Traffic Management tab, you can select the Traffic Management action for the policy. You can also create a new Traffic Management action. For more information about Traffic Management actions, see Define a Traffic Management Action in v11.8.x and Lower and Add a Traffic Management Action to a Policy.

To apply a Traffic Management action in a policy:

1. Select the Traffic Management tab.
2. From the Traffic Management Action drop-down list, select a Traffic Management action.
   Or, to create a new Traffic Management action, select Create new and configure the settings as described in the topic Define a Traffic Management Action in v11.8.x and Lower.
3. Click Save.

Scheduling Tab

On the Scheduling tab, you can specify an operating schedule for the policy. You can select an existing schedule or create a new schedule.

1. Select the Scheduling tab.
2. From the Schedule Action drop-down list, select a schedule.
   Or, to create a new schedule, select Create New and configure the settings as described in the topics Create Schedules for Firebox Actions and Set an Operating Schedule.
3. Click Save.

Advanced Tab

The Advanced tab includes settings for NAT, QoS, multi-WAN, Connection Rate, and ICMP options.

For more information on the options for this tab, see:

• Apply NAT Rules
• Set the Sticky Connection Duration for a Policy
• Set ICMP Error Handling
• Set Connection Rate Limits
• Enable QoS Marking and Prioritization in a Policy

Each proxy policy has connection-specific settings that you can customize. To modify the settings and rulesets for a proxy action from the proxy configuration, select the Proxy Action tab, and configure the settings for the proxy action.

For more information, see About Rules and Rulesets and the About topic for the specific proxy type.

Policy Properties in Policy Manager

When you add a new policy to your configuration, the New Policy Properties dialog box automatically appears for you to set policy properties. To set properties for an existing policy, in Policy Manager, double-click a policy to open the Edit Policy Properties dialog box.

Policy Tab

Use the Policy tab to set basic information about a policy, such as whether it allows or denies traffic. You can use the Policy tab settings to create access rules that define the source and destination of traffic the policy handles. You can also configure policy-based routing, bandwidth and time quotas, static NAT, or server load balancing. For proxy policies and Application Layer Gateways (ALGs), you can also select and configure proxy actions on this tab.

For more information on the options for this tab, see the following topics:

• Set Access Rules for a Policy
• Configure Policy-Based Routing
• About Quotas
• Configure Static NAT
• Configure Server Load Balancing
• About Proxy Actions (proxy policies and ALGs only)

Properties Tab

The Properties tab shows the port and protocol for the policy, as well as an optional description of the policy. You can use the settings on this tab to set logging, notification, automatic blocking, and timeout preferences. You can also apply Policy Tags to the policy.

For the IMAP-Proxy you also configure TLS Support. To enable content inspection, select an option from the TLS Support drop-down list. For more information, see IMAP-Proxy: TLS.

TLS Support for the IMAP-Proxy is available in Fireware OS v12.1 and higher.

For more information on the options for this tab, see the following topics:

• Set Logging and Notification Preferences
• Block Sites Temporarily with Policy Settings
• Set a Custom Idle Timeout
• About Policy Tags and Filters

Advanced Tab

The Advanced tab includes settings for NAT and Traffic Management (QoS), Connection Rate, as well as multi-WAN and ICMP options. You can also set an operating schedule for a policy and apply traffic management actions.

For more information on the options for this tab, see the following topics:

• Set an Operating Schedule
• Add a Traffic Management Action to a Policy
• Set ICMP Error Handling
• Apply NAT Rules
• Set Connection Rate Limits
• Enable QoS Marking and Prioritization in a Policy
• Set the Sticky Connection Duration for a Policy

To modify the settings and rulesets for a proxy action from the policy configuration, on the Policy tab, to the right of the Proxy action drop-down list, click and select a category of settings.

For more information, see About Rules and Rulesets and the About topic for the specific proxy type.

About the DNS-Proxy	About the IMAP-Proxy
About the FTP-Proxy	About the POP3-Proxy
About the FTP-Proxy	About the SMTP-Proxy
About the H.323-ALG	About the SIP-ALG
About the HTTP-Proxy	About the TCP-UDP-Proxy
About the HTTPS-Proxy

See Also

About Policies

About Proxy Actions

About Policy Manager

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Technical Search

© 2018 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard logo, WatchGuard Dimension, Firebox, Core, Fireware, and LiveSecurity are registered trademarks or trademarks of WatchGuard Technologies in the United States and/or other countries.