What Are Security Policies?

This section describes the definition and functions of security policies.

The basic function of the FW is to control the access to and from the network to protect the specific network against attacks from the untrusted network, but allow the two networks to communicate with each other. Access control is implemented on the FW through the security policy technology.

Security policies are the core feature of the FW. The security policies are used to check the data flows that pass through the FW. Only the valid traffic that matches the security policies can be forwarded through the FW, as shown in Figure 1.

Figure 1 Security policies configured on the FW

Security policies are control rules that consist of matching conditions (such as 5-tuples, users, and time ranges) and actions. After receiving traffic, the FW identifies traffic attributes (such as 5-tuples, users, and time ranges), and matches the traffic attributes with the matching conditions of security policies. If all the conditions of a policy are met, the traffic matches the policy. The FW takes the action in the matched security policy.

• If the action is permit, the FW processes the traffic as follows:

  • If content security detection is not configured, the FW allows the traffic to pass through.
  • If content security detection is configured, the FW determines whether to permit the traffic based on the content security detection result.

• If the action is deny, the FW does not allow the traffic to pass through.