
A security policy is a set of rules used to protect a network. An administrator can configure security policies in the system to control network access behavior, protect a specific network against attacks from an "untrusted" network, and allow legitimate communication between two networks. The security policy is the core security function of a device. It checks the data flows passing through the device, permits legitimate traffic that complies with the security policy, and blocks illegitimate traffic to ensure network security through access control.
How Do I Create a Security Policy?
A security policy consists of match conditions and actions. After receiving a packet, a device matches the packet attributes against the match conditions of the security policy. If all conditions are matched, the packet successfully matches the security policy, and the device processes the packet and subsequent bidirectional traffic according to the action defined in the security policy. As such, you need to set appropriate match conditions and the corresponding actions during the creation of a security policy.

Figure: Composition of a security policy
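
The matching behavior described above can be modeled in a few lines. This is an added example, not code from the original page or from any vendor: the rule fields, the top-down first-match order, the default deny when no policy matches, and the 5-tuple session table are assumptions, and the addresses and policy are constructed sample data.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src_zone dst_zone src_ip src_port dst_ip dst_port proto")
# Conditions left at their defaults ("any", 0.0.0.0/0, port 0) match anything.
Rule = namedtuple("Rule", "name action src_zone dst_zone src_net dst_net proto dst_port",
                  defaults=("any", "any", "0.0.0.0/0", "0.0.0.0/0", "any", 0))

def matches(rule, p):
    """A packet matches a policy only if every condition matches."""
    in_net = lambda ip, net: ipaddress.ip_address(ip) in ipaddress.ip_network(net)
    return (rule.src_zone in ("any", p.src_zone)
            and rule.dst_zone in ("any", p.dst_zone)
            and in_net(p.src_ip, rule.src_net)
            and in_net(p.dst_ip, rule.dst_net)
            and rule.proto in ("any", p.proto)
            and rule.dst_port in (0, p.dst_port))

class Firewall:
    def __init__(self, rules):
        self.rules = rules      # evaluated top-down, first match wins (assumption)
        self.sessions = set()   # flows already permitted by a policy

    def process(self, p):
        flow = (p.src_ip, p.src_port, p.dst_ip, p.dst_port, p.proto)
        if flow in self.sessions:            # subsequent traffic of a permitted flow
            return ("permit", "session")
        for rule in self.rules:
            if matches(rule, p):
                if rule.action == "permit":  # remember both directions of the flow
                    reply = (p.dst_ip, p.dst_port, p.src_ip, p.src_port, p.proto)
                    self.sessions.update({flow, reply})
                return (rule.action, rule.name)
        return ("deny", "default")           # no policy matched (assumed default)

# Constructed sample policy: only HTTPS from the trusted LAN to the untrusted side.
POLICY = [
    Rule("block-guest", "deny", src_zone="trust", src_net="10.1.9.0/24"),
    Rule("lan-https", "permit", "trust", "untrust", "10.1.0.0/16", proto="tcp", dst_port=443),
]

def demo():
    fw = Firewall(POLICY)
    out = Packet("trust", "untrust", "10.1.1.5", 40000, "203.0.113.10", 443, "tcp")
    reply = Packet("untrust", "trust", "203.0.113.10", 443, "10.1.1.5", 40000, "tcp")
    unsolicited = reply._replace(src_port=8443)
    guest = out._replace(src_ip="10.1.9.7")
    return [fw.process(unsolicited), fw.process(out), fw.process(reply), fw.process(guest)]
```

The reply from the untrusted side is permitted only because the outbound packet matched a permit policy first; the same direction of traffic from a different source port has no session and no matching policy, so it is dropped.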
For more information, see Security Policy.
