Applies To: Cloud-managed Fireboxes
In a firewall policy for a cloud-managed Firebox, the Advanced policy settings include these settings:
In the Description text box, you can optionally type a policy description.
WebSocket connections allow bidirectional communication between a client and server over a single TCP connection, which enables more efficient data transfer. You can specify whether to allow connections that use WebSocket protocol in Outbound policies. WebSocket connections are disabled by default.
To allow WebSocket connections on Outbound policies, select the Allow WebSocket Connections check box.
For more information about the WebSocket Protocol, go to RFC 6455.
Idle timeout defines the maximum length of time that a connection can stay active when no traffic is sent through the connection. For information about this policy setting, go to Configure a Custom Idle Timeout in a Firewall Policy.
Firewall policies use dynamic NAT to map private IP addresses to public IP addresses. Policy dynamic NAT settings control how the Firebox applies dynamic NAT to traffic handled by the policy. For information about policy dynamic NAT settings, go to Configure Dynamic NAT in a Firewall Policy.
Global WAN settings control how the Firebox routes outbound traffic when multiple external networks are configured. The sticky connection setting controls how long a connection continues to use the same WAN interface. To override the global WAN sticky connection setting, you can configure a policy with a custom sticky connection. For information about this policy setting, go to Configure Sticky Connection Settings in a Firewall Policy.
You can create a limit on a firewall policy so that it filters only a specified number of connections per second. When you configure this feature, the Firebox denies traffic for any additional connections and generates log messages and optional notifications. For more information about how to configure these settings, go to Configure a Connection Rate Limit in a Firewall Policy.
You can enable notifications if you want the Firebox to send an alert log message or an SNMP trap when traffic matches the policy. For information about how to configure this setting, go to Configure Notifications in a Firewall Policy.
To configure advanced settings in a firewall policy:
- Add or edit a policy. For more information, go to Configure Firewall Policies in WatchGuard Cloud.
- In the policy configuration, select the Advanced tab.
- Configure the advanced settings.
- To save the policy, click Save.