H3C Technologies H3C SecPath F1000-E User Manual
Page 385
373
Figure 257 Adding a security policy
Table 56 Security policy configuration items
Item Description
Name
Enter a name for the security policy.
Level
Set a level for the security policy. A larger number means a higher level.
If multiple security policies are defined, the system first uses the security policy with the
highest priority to check the user host. If the host does not satisfy the security policy, the
system uses the security policy with the second highest priority, and so forth until the
host satisfies a security policy or fails security check.
The resources that the user can access are those defined in the security policy that the
user first passes. Therefore, when you configure security policies, specify more
resources for a security policy that has a higher level.
Description
Enter a description for the security policy.
Policy Configuration
Set check rules for the security policy.
Check rules fall into seven categories: operating system, browser, antivirus software,
firewall, certificate, file, and process.
To pass the check of a category, a host needs to satisfy at least one rule of the category.
To pass the check of a security policy, a host must satisfy all categories of the policy.
Click the expansion button before a category to view the rule information. Click the
Add button to add a rule for the category. For more information about rule
configuration, see
.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS