Policies
Policies define what actions to perform on specific traffic. The policies can specify whether to optimize the traffic (by bandwidth shaping, acceleration, or packet marking), block the traffic (by discarding the packets), or monitor the traffic (by ignoring the packets). The traffic that the policy affects can be filtered by:
- Application or application group
- Hosts or subnets
- Hosts or subnets that are communicating with other specific hosts or subnets
- VLAN
- ToS/DSCPDifferentiated Services Code Point markings
- Time of day
Any combination of these filters can be applied. For example, the policy could target SAP traffic between a particular branch and headquarters that has particular ToS markings on a particular VLAN during work hours. Furthermore, you can add more than one filter. That is, the policy could target a particular branch site for Netflix and the same branch site for Silverlight.
VERSION INFO
Exinda Management Center 1.5.0 does not support policies for HTTP Redirect or HTTP Response.
When you create policies, they are added to the Policies Library. If you amend a policy definition, any changes made to it affect all Virtual Circuits that use that policy. To learn how circuits, virtual circuits, policy sets, and policy rules work together, see Policy Tree.
Where do I find policy rules?
Policy librarythe Exinda repository for network objects and their definitions items can be found in Library > Policies.
Also, the policies linked to appliances can also be found in the policy trees for each appliance group. Go to the desired appliance group's Optimizer Policy Tree.
To create a policy in the Configuration Library
- Got to Library > Policies
- Click Create new policy in the library.
- In the Name section, type a name for the policy. The name must be unique within the tenant.
- In the Action section, specify what type of action the rule should take. Select one of the following:
- Optimize– Selecting optimize causes a new action to appear in the UI where you can specify whether you want to apply bandwidth shaping, prioritization, acceleration, or packet marking.
- Discard– Select discard to specify that you want to block a particular type of application by discarding the packets.
- Ignore– Select ignore to specify that you want to allow packets to pass through without manipulation, that is, traffic monitoring only .
- In the Filter section, specify the type of traffic to which you want to apply the policy. Set any of the following traffic attributes.
- Application – Select traffic based on a predefined application or application group from the list. Custom applications that you have created in the library will appear in this drop-down list.
- Source/Direction/Destination – Select traffic based on one end of a conversation belonging to a predefined network objecta logical definition created and stored in the Exinda lilbrary, can represent any network component or select traffic based on one way or two way conversations between two predefined network objects. For the source, select a network object that filters for the initiation of a conversation. For the destination, select a network object that filters for the destination of the conversation. If hosts are not specified, ALL network objects are assumed. Traffic direction is relative to the Exinda appliance.
- ToS/DSCP – Select traffic based on particular ToS/DSCP markings in the IPInternet protocol header. When multiple settings are specified, the intersection of those attributes determines whether the traffic is matched.
- Click the Create button. The policy set will be added to the library list.
NOTES
- While creating the policy set, if you create a new policy but cancel creating the policy set, the new policy is retained in the library.
- Some applications may not be compatible with all appliance versions. When an application is not compatible, it does not appear in the drop-down list.
To create a new policy set directly in the Optimizer Policy Tree
- Go to (desired appliance group) > Optimizer Policy Tree.
- Click Create new policy set.
- In the Name section, type a name for the policy. The name must be unique within the tenant.
- In the Action section, specify what type of action the rule should take. Select one of the following:
- Optimize– Selecting optimize causes a new action to appear in the UI where you can specify whether you want to apply bandwidth shaping, prioritization, acceleration, or packet marking.
- Discard– Select discard to specify that you want to block a particular type of application by discarding the packets.
- Ignore– Select ignore to specify that you want to allow packets to pass through without manipulation, that is, traffic monitoring only .
- In the Filter section, specify the type of traffic to which you want to apply the policy. Set any of the following traffic attributes.
- Application – Select traffic based on a predefined application or application group from the list. Custom applications that you have created in the library will appear in this drop-down list.
- Source/Direction/Destination – Select traffic based on one end of a conversation belonging to a predefined network object or select traffic based on one way or two way conversations between two predefined network objects. For the source, select a network object that filters for the initiation of a conversation. For the destination, select a network object that filters for the destination of the conversation. If hosts are not specified, ALL network objects are assumed. Traffic direction is relative to the Exinda appliance.
- ToS/DSCP – Select traffic based on particular ToS/DSCP markings in the IP header. When multiple settings are specified, the intersection of those attributes determines whether the traffic is matched.
- Click the Save button. The policy set is added to the Policy Tree and is also saved to the configuration library.
To add a policy set from the library to a Policy Tree
- Go to (desired appliance group) > Optimizer Policy Tree.
- Click Add policy set from library.
- Select the desired policy set from the drop-down list.