Creating a policy for use with any virtual circuit
Use the instructions that follow to create a policy for general use. Once created, it can be applied to any virtual circuitlogical definitions that partition a a physical network circuit and used to determine what traffic passes through it and how much.
Before you begin
Some of the following steps require understanding that is not included in the instructions. You should consult the following, where needed:
- Configuring a policy to accelerate traffic
- Configuring a policy to discard (block) traffic
- Configuring a policy to redirect HTTP traffic to an HTTP Response webpage
- Configuring a policy to redirect HTTP traffic to a URL
To create a policy in the Exinda Web UI
- Go to Configuration > Optimizer. The right side of the screen refreshes.
- Select the Policies tab.
- In the Policy Name field, type a suitable name for the policy.
- Optionally, specify a Schedule.
NOTE
The default is "ALWAYS". Schedules that have been defined will appear in the drop-down list. If necessary. you can create schedules by going to Configuration > Objects > Schedules.
- Specify the Action.
- Optimize – Perform traffic shaping, acceleration, or packet marking on the traffic
- Discard – Discard the packets effectively blocking the traffic
- Ignore – Perform no action on the packets allowing them to pass through the appliance unaffected. This setting is effective for a monitor only mode. Note that this option should not be used for policies within a dynamic virtual circuit.
- Return HTML Response – Present the webpage defined in the HTML response object to the source web browser.
- HTTP Redirect – Redirect the packets to a specified URL effectively presenting the URL to the network client.
NOTE
Each of the policy actions comes with its own set of options.
- Complete the additional settings as required by the action.
- Enter the Filter Rules. Any of the following fields may be used to specify how to filter the traffic.
- VLAN– Select traffic based on 802.1Q VLAN ID and/or 802.iP VLAN priority tag using a pre-defined VLAN object.
- Source/Direction/Destination– Select traffic based on one end of the conversation belonging to a predefined network objecta logical definition created and stored in the Exinda lilbrary, can represent any network component (static or dynamic) or select traffic based on one way or two way conversations between two predefined network objects. For the first host, select a network object that filters for the initiation of a conversation. For the second host, select a network object that filters for the destination of the conversation. If hosts are not specified, ALL network objects are assumed. Traffic direction is relative to the Exinda appliance.
- ToS/DSCPDifferentiated Services Code Point– Select traffic based on particular ToS/DSCP marks in the IPInternet protocol header.
- Application– Select traffic based on a predefined application object or application group.
NOTE
- By default, initially only four filter rules can be created per policy. If more are required, fill out the first four rules, save the Policy, then edit the Policy and four more lines will become available.
- To delete individual filter rules, set all the fields for that filter rule to blank.
- Click Add New Policy to add this policy to the policy tree. The policy will also be added to the policy librarythe Exinda repository for network objects and their definitions.
- For each virtual circuit where the policy is required, on the bottom row, open the Policy drop-down list, select the new policy.
- In the adjacent Order field, type a number that would place the policy in the correct position in the tree.
Related Topics
VERSION INFO
Exinda Management Center 1.5.0 does not support policies for HTTP Redirect or HTTP Response.
When you create policies, they are added to the Policies Library. If you amend a policy definition, any changes made to it affect all Virtual Circuits that use that policy. To learn how circuits, virtual circuits, policy sets, and policy rules work together, see Policy Tree.
Where do I find policy rules?
Policy library items can be found in Library > Policies.
Also, the policies linked to appliances can also be found in the policy trees for each appliance group. Go to the desired appliance group's Optimizer Policy Tree.
To create a policy in the EMC configuration Library
- Got to Library > Policies
- Click Create new policy in the library.
- In the Name section, type a name for the policy. The name must be unique within the tenant.
- In the Action section, specify what type of action the rule should take. Select one of the following:
- Optimize– Selecting optimize causes a new action to appear in the UI where you can specify whether you want to apply bandwidth shaping, prioritization, acceleration, or packet marking.
- Discard– Select discard to specify that you want to block a particular type of application by discarding the packets.
- Ignore– Select ignore to specify that you want to allow packets to pass through without manipulation, that is, traffic monitoring only .
- In the Filter section, specify the type of traffic to which you want to apply the policy. Set any of the following traffic attributes.
- Application – Select traffic based on a predefined application or application group from the list. Custom applications that you have created in the library will appear in this drop-down list.
- Source/Direction/Destination – Select traffic based on one end of a conversation belonging to a predefined network object or select traffic based on one way or two way conversations between two predefined network objects. For the source, select a network object that filters for the initiation of a conversation. For the destination, select a network object that filters for the destination of the conversation. If hosts are not specified, ALL network objects are assumed. Traffic direction is relative to the Exinda appliance.
- ToS/DSCP – Select traffic based on particular ToS/DSCP markings in the IP header. When multiple settings are specified, the intersection of those attributes determines whether the traffic is matched.
- Click the Create button. The policy set will be added to the library list.
NOTES
- While creating the policy set, if you create a new policy but cancel creating the policy set, the new policy is retained in the library.
- Some applications may not be compatible with all appliance versions. When an application is not compatible, it does not appear in the drop-down list.