Policy Settings

Previous  Next

---

The Policy Settings Tab is used to define the security policies that are required for the Client to communicate with remote hosts or networks that exist for this site configuration.

Automatic Policy Configuration

When a remote gateway is configured to support the Configuration Transaction Exchange, it should be able to provide a list of hosts and networks that are accessible via this site configurations Client Gateway. This network topology information, along with the client address automatically obtained or manually configured in the Client Settings tab, are used to describe the security policies for this site configuration. The default value for this setting is Enabled.

Remote Network Topology List

There are two options available for configuring a Remote Network Topology List.

Topology Inclusion List

When an Inclusion List is used, it defines the hosts and networks that are assumed to be accessible via this site configurations Client Gateway.

Topology Exclusion List

When an Exclusion List is used, all traffic is sent to the remote peer by default unless it the destination is a host or peer defined in the list.

Managing the Network Topology List

You can Add, Modify or Delete Network Topology List entries by using the buttons shown at the bottom of the Policy Configuration dialog. These buttons will be grayed out if Automatic Policy Configuration option is Enabled.

The Policy Entry Dialog

The Policy Entry Dialog is used whenever you are adding or modifying a policy list entry. Simply configure the Entry Type as either a Network or Address and enter the required information. When you are finished editing the Policy Entry, press the OK button to accept the entry data or the Cancel button to discard it.