06-14-2013 07:24 AM
I am coming from a Checkpoint environment and I am struggling with some of the terminology. I see a number of references in the Getting Started and the Administrator's guides to "Security Policies". To me this implies that I can create a number of policies but it looks like in fact there is only one policy per box and the policy has multiple rules. Am I missing something? Can you create, save and later apply different policies with distinct sets of rules?
Thanks,
Jim
06-14-2013 07:43 AM
Hi Jim,
Welcome to PaloWorld 🙂
A security policy is, like in all firewalls, a rule which, based on criteria (source / dest + user laptop profile), allows or blocks your traffic.
Security profiles are types of analysis (antivirus, spyware, malware ...) that you will apply to allowed traffic.
Make sense?
v.
06-14-2013 07:48 AM
Look at this doc, it's a good document for starting with Palo: https://live.paloaltonetworks.com/docs/DOC-4214
06-14-2013 07:55 AM
Vince,
Thanks. I have read the Getting Started Guide but I am still confused. Is it accurate that there is only one security policy, or can you create, save and later apply different policies with distinct sets of rules? I was thinking that, for instance, on the Policies tab I could create and name multiple policies, but it looks like the + button is the only add and it is to add rules, not new overall policies. Again, sorry if this is not making sense, as it comes from a different perspective.
Thanks,
Jim
06-14-2013 08:02 AM
Maybe I don't understand what you are calling overall policies.
If you are trying to find something like a policy separator, it doesn't exist in Palo. In Palo, it's done through tags, and you use the search bar (on top) to show only the rules you want.
v.
06-24-2013 03:11 PM
Each policy rule is a separate, individual policy. There is no way to group rules together under a singular policy. They are like individual ACLs. They are recognized in the order that they are organized; all traffic that is coming from the source zone to the destination zone is inspected to see if it matches the rule. As Vince said, there are "security profiles" that are created in the Objects tab that can be grouped using "security profile groups" and attached to the policy rules, but they are part of the policy rule.
The following DOC may help you understand:
https://live.paloaltonetworks.com/docs/DOC-1628
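The ordering described in the reply above, as an added example that is not part of the original thread and not Palo Alto Networks code: a simplified Python model of one ordered rulebase in which the first matching rule wins, a profile group rides on the rule, and tags filter the view. The rule names, zones, applications and the `shadowed` helper are constructed for illustration; real rules match on more fields than this model does.

```python
from dataclasses import dataclass, field
from typing import Optional

ANY = "any"

@dataclass
class Rule:
    name: str
    src_zone: str
    dst_zone: str
    app: str
    action: str                          # "allow" or "deny"
    profile_group: Optional[str] = None  # inspection applied to allowed traffic
    tags: set = field(default_factory=set)

def _covers(rule_val, val):
    return rule_val == ANY or rule_val == val

def evaluate(rulebase, src_zone, dst_zone, app):
    """Walk the rulebase top-down and return the first matching rule (None if no rule matches)."""
    for r in rulebase:
        if _covers(r.src_zone, src_zone) and _covers(r.dst_zone, dst_zone) and _covers(r.app, app):
            return r
    return None

def shadowed(rulebase):
    """(later, earlier) pairs where an earlier rule matches everything the later one could."""
    pairs = []
    for i, later in enumerate(rulebase):
        for earlier in rulebase[:i]:
            if (_covers(earlier.src_zone, later.src_zone)
                    and _covers(earlier.dst_zone, later.dst_zone)
                    and _covers(earlier.app, later.app)):
                pairs.append((later.name, earlier.name))
                break
    return pairs

def by_tag(rulebase, tag):
    """Tag filter: the way to view a subset of the single rulebase."""
    return [r.name for r in rulebase if tag in r.tags]

# Constructed sample rulebase; order is significant.
RULEBASE = [
    Rule("allow-web", "trust", "untrust", "web-browsing", "allow", "strict", {"outbound"}),
    Rule("block-untrust-in", "untrust", "trust", ANY, "deny", None, {"inbound"}),
    Rule("allow-all-out", "trust", "untrust", ANY, "allow", None, {"outbound"}),
    Rule("deny-ssh-out", "trust", "untrust", "ssh", "deny", None, {"outbound"}),
]
```

In this sample, `deny-ssh-out` never takes effect because `allow-all-out` sits above it, which is the kind of ordering mistake worth checking for after reordering rules.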
06-24-2013 06:02 PM
Hello,
If all you're trying to do is to save distinct rulebase configurations, first save the current configuration, then make whatever rulebase changes are required and save the new configuration. Load this new config to the device as/when needed.
You can save the configuration under Device tab --> Setup --> Operations --> save config snapshot.
Hope that helps,
Aditi
06-25-2013 05:59 AM
Thanks. That's what I was looking for. I appreciate everyone's input.
Jim