Watchguard Fireware XTM WSM User guide

  • Hello! I am an AI chatbot trained to assist you with the Watchguard Fireware XTM WSM User guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
WatchGuard System
Manager 11.8 User Guide
Fireware XTM
WatchGuard System Manager
11.8 User Guide
WatchGuard XTMDevices
ii WatchGuard System Manager
About this User Guide
The Fireware XTM WatchGuard System Manager User Guide is updated with each major product
release. For minor product releases, only the Fireware XTM WatchGuard System Manager Help
system is updated. The Help system also includes specific, task-based implementation examples that
are not available in the User Guide.
For the most recent product documentation, see the Fireware XTM WatchGuard System Manager
Help on the WatchGuard web site at: http://www.watchguard.com/help/documentation/.
Information in this guide is subject to change without notice. Companies, names, and data used in
examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or
transmitted in any form or by any means, electronic or mechanical, for any purpose, without the
express written permission of WatchGuard Technologies, Inc.
Guide revised: 10/9/2013
Copyright, Trademark, and Patent Information
Copyright © 1998-2011 WatchGuard Technologies, Inc. All rights reserved. All trademarks or trade
names mentioned herein, if any, are the property of their respective owners.
Complete copyright, trademark, patent, and licensing information can be found in the Copyright and
Licensing Guide, available online at: http://www.watchguard.com/help/documentation/.
This product is for indoor use only.
About WatchGuard
WatchGuard offers affordable, all-in-one network and content
security solutions that provide defense-in-depth and help meet
regulatory compliance requirements. The WatchGuard XTM
line combines firewall, VPN, GAV, IPS, spam blocking and
URL filtering to protect your network from spam, viruses,
malware, and intrusions. The new XCS line offers email and
web content security combined with data loss prevention.
WatchGuard extensible solutions scale to offer right-sized
security ranging from small businesses to enterprises with
10,000+ employees. WatchGuard builds simple, reliable, and
robust security appliances featuring fast implementation and
comprehensive management and reporting tools. Enterprises
throughout the world rely on our signature red boxes to
maximize security without sacrificing efficiency and
productivity.
Address
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
Support
www.watchguard.com/support
U.S. and Canada +877.232.3531
All Other Countries +1.206.521.3575
Sales
U.S. and Canada +1.800.734.9905
All Other Countries +1.206.613.0895
User Guide iii
For more information, please call 206.613.6600 or visit
www.watchguard.com.
User Guide iv
Table of Contents
WatchGuard System Manager 11.8 User Guide 1
Introduction to Network Security 1
About Networks and Network Security 1
About Internet Connections 1
About Protocols 2
About IP Addresses 3
IPv4 Addresses 3
IPv6 Addresses 4
About Slash Notation 5
About Entering Addresses 6
Static and Dynamic IP Addresses 6
About DNS (Domain Name System) 7
About Firewalls 8
About Services and Policies 9
About Ports 10
Introduction to Fireware XTM 11
About Fireware XTM 11
Fireware XTM Components 12
WatchGuard System Manager 12
WatchGuard Server Center 13
Fireware XTM Web UI and Command Line Interface 14
Fireware XTMwith a Pro Upgrade 15
Fireware XTM OS Version Compatibility 16
Fireware XTM on an XTMv Device 17
XTMv Device Limitations 17
Virtual Switch Configuration 17
Hyper-VVirtual Adapter Configuration 17
XTMv Device Installation 18
FIPS Support in Fireware XTM 19
About FIPSMode 19
FIPS Mode Operation and Constraints 19
Service and Support 21
About WatchGuard Support 21
LiveSecurity Service 21
LiveSecurity Service Gold 22
Service Expiration 23
Getting Started 25
Before You Begin 25
Verify Basic Components 25
Get an XTM Device Feature Key 26
Gather Network Addresses 26
Select a Firewall Configuration Mode 27
Decide Where to Install Server Software 28
Install WatchGuard System Manager Software 28
Back up Your Previous Configuration 29
Download WatchGuard System Manager 29
About the Quick Setup Wizard 30
Run the Web Setup Wizard 32
Run the WSM Quick Setup Wizard 36
Complete Your Installation 38
Customize Your Security Policy 39
About LiveSecurity Service 39
Start WatchGuard System Manager 39
Connect to an XTM Device 39
Start WSMApplications 41
Install WSM and Keep an Older Version 43
Install WatchGuard Servers on Computers with Desktop Firewalls 43
Downgrade to an Earlier Version of WSM 44
Step 1 — Uninstall the Current WSM Version 44
Step 2 — Restore the Earlier WSMVersion Server and Database Files 44
Step 3 — Install the Earlier Version of WSM 44
Dynamic IP Support on the External Interface 45
About Connecting the XTM Device Cables 45
Connect to an XTM Device with Firefox v3 46
v WatchGuard System Manager
User Guide vi
Add a Certificate Exception to Mozilla Firefox v3 46
Disable the HTTP Proxy in the Browser 47
Disable the HTTP proxy in Internet Explorer 7.x, or 8.x 48
Disable the HTTP proxy in Firefox 3.x 48
Find Your TCP/IP Properties 48
Find Your TCP/IP Properties on Microsoft Windows XP, Windows 2003, and Windows 7 49
Find Your TCP/IP Properties on Microsoft Windows 8. 49
Find Your TCP/IP Properties on Macintosh OS X 10.x 49
Find Your TCP/IP Properties on Other Operating Systems (Unix, Linux) 49
Configuration and Management Basics 51
About Basic Configuration and Management Tasks 51
About Configuration Files 51
Open a Configuration File 51
Make a New Configuration File 54
Save the Configuration File 55
Run the XTMConfiguration Report 56
Make a Backup of the XTM Device Image 57
Restore an XTM Device Backup Image 59
Use a USB Drive for System Backup and Restore 60
About the USB Drive 60
Save a Backup Image to a Connected USB Drive 60
Restore a Backup Image from a Connected USB Drive 61
Automatically Restore a Backup Image from a USB Drive 61
USB Drive Directory Structure 64
Save a Backup Image to a USB Drive Connected to Your Management Computer 65
Use a USBDrive to Save a Support Snapshot 65
Use an Existing Configuration for a New XTM Device Model 67
Upgrade a Non-e-Series Configuration File For Use With an e-Series or XTM Device 71
Configure a Replacement XTM Device 72
Save the Configuration from the Original XTM Device to a File 72
Get the Feature Key for the Replacement XTM Device 72
Use the Quick Setup Wizard to Configure Basic Settings 73
Update the Feature Key in the Original Configuration File and Save to the New Device 73
Reset an XTM Device 74
Start an XTM Device in Safe Mode 74
Reset an XTM 2 Series or XTM33 to Factory-Default Settings 74
Reset an XTMv VMto Factory-Default Settings 75
Run the Setup Wizard 75
Reset a Firebox Xe-Series Device 76
Start a Firebox X Core or Peak e-Series Device in Safe Mode 76
Reset a Firebox X Edge e-Series to factory-default settings 77
Run the Quick Setup Wizard 77
About Factory-Default Settings 78
About Recovery Mode for XTM 5 and 8 Series 80
Step 1 — Install Fireware XTMOS v11.7.4 on the Management Computer 80
Step 2 — Start the XTMDevice in Recovery Mode 81
Step 3 — Run the WSMQuick Setup Wizard 81
Step 4 — Upgrade Fireware XTMOS 82
Step 5 — Save a Configuration File to the Device 82
Step 6 — Reinstall XTMDevice Certificates 83
About Feature Keys 84
See Features Available with the Current Feature Key 84
Enable Feature Key Synchronization 85
Verify Feature Key Compliance 85
Get a Feature Key for Your XTMDevice 85
Manually Add a Feature Key to Your XTM Device 88
See the Details of a Feature Key 90
Enable Automatic Feature Key Synchronization 91
Download a Feature Key 91
Enable NTP and Add NTP Servers 92
Set the Time Zone and Basic Device Properties 93
About SNMP 94
SNMP Polls and Traps 94
Enable SNMP Polling 95
Enable SNMP Management Stations and Traps 96
About Management Information Bases (MIBs) 98
vii WatchGuard System Manager
User Guide viii
About WatchGuard Passphrases, Encryption Keys, and Shared Keys 99
Create a Secure Passphrase, Encryption Key, or Shared Key 99
XTM Device Passphrases 100
User Passphrases 100
Server Passphrases 100
Encryption Keys and Shared Keys 101
Change XTM Device Passphrases 102
Define XTM Device Global Settings 103
Change the Web UI Port 104
Automatic Reboot 104
Device Feedback 105
Define ICMP Error Handling Global Settings 105
Configure TCP Settings 106
Enable or Disable Traffic Management and QoS 107
Manage Traffic Flow 108
Manage an XTM Device From a Remote Location 108
Upgrade to a New Version of Fireware XTM 111
Install the Upgrade on Your Management Computer 111
Upgrade the XTM Device 111
Use Multiple Versions of Policy Manager 113
Downgrade Fireware XTMOS 114
Use a Saved Backup Image to Downgrade 114
Downgrade Without a Backup Image 114
Use the Quick Setup Wizard to Downgrade Fireware XTMOS 115
About Upgrade Options 119
Subscription Services Upgrades 119
Appliance and Software Upgrades 120
How to Apply an Upgrade 120
About Subscription Services Expiration and Renewal 120
Subscription Renewal Reminders 121
Feature Key Compliance 121
Security Service Expiration Behavior 121
LiveSecurity Service 123
Subscription Expiration and FireCluster 123
Synchronize Subscription Renewals 124
Renew Subscription Services 124
Renew Subscriptions from Firebox System Manager 125
Network Setup and Configuration 127
About Network Interface Setup 127
Network Modes 128
Interface Types 129
About Private IPAddresses 129
About Network Interfaces on the Edge e-Series 130
About IPv6 Support 130
Mixed Routing Mode 132
Configure an External Interface 132
Configure a Trusted or Optional Interface 146
Configure the DHCPv6 Address Pool 157
Configure DHCPv6 Reservations 157
Enable Rapid Commit 158
Configure IPv6 Address Lifetimes 158
About the Dynamic DNS Service 160
Use Dynamic DNS 161
Drop-In Mode 162
Use Drop-In Mode for Network Interface Configuration 163
Configure Related Hosts 164
Configure DHCP in Drop-In Mode 165
Bridge Mode 168
Enable Bridge Mode 170
Allow Management Access from a VLAN 171
Common Interface Settings 172
Disable an Interface 173
Configure DHCPRelay 174
Restrict Network Traffic by MAC Address 175
Add WINS and DNS Server Addresses 176
Add a Secondary Network IPAddress 178
ix WatchGuard System Manager
User Guide x
About Advanced Interface Settings 181
Network Interface Card (NIC)Settings 181
Set Outgoing Interface Bandwidth 183
Set DF Bit for IPSec 184
PMTU Setting for IPSec 184
Use Static MAC Address Binding 185
Find the MAC Address of a Computer 186
About LAN Bridges 186
Create a Network Bridge Configuration 186
Assign a Network Interface to a Bridge 188
About Routing 189
Add a Static Route 189
Read the Route Tables 191
Add Static ARPEntries 194
About Virtual Local Area Networks (VLANs) 195
VLAN Requirements and Restrictions 195
About Tagging 196
About VLANIDNumbers 196
Define a New VLAN 196
Assign Interfaces to a VLAN 201
About Link Aggregation 203
Requirements and Limitations 203
Link Aggregation Modes 203
Configure Link Aggregation 205
Monitor Link Aggregation Interfaces 212
Network Setup Examples 213
Configure Two VLANs on the Same Interface 213
Configure One VLAN Bridged Across Two Interfaces 217
Use the Broadband Extend or 3G Extend Wireless Bridge 221
Multi-WAN 223
About Using Multiple External Interfaces 223
Multi-WAN Requirements and Conditions 223
Multi-WAN and DNS 224
Multi-WAN and FireCluster 224
About Multi-WAN Options 225
Round-Robin Order 225
Failover 225
Interface Overflow 226
Routing Table 226
Modem (XTM2 Series, 3 Series or 5 Series only) 227
Configure Round-Robin 228
Before You Begin 228
Configure the Interfaces 228
Find How to Assign Weights to Interfaces 230
Configure Failover 230
Before You Begin 230
Configure the Interfaces 230
Configure Interface Overflow 232
Before You Begin 232
Configure the Interfaces 232
Configure Routing Table 233
Before You Begin 233
Routing Table mode and load balancing 233
Configure the Interfaces 234
About the XTM Device Route Table 235
When to Use Multi-WAN Methods and Routing 235
Configure Modem Failover 236
Enable Modem Failover 236
Account Settings 237
DNS Settings 239
Dial-Up Settings 240
Advanced Settings 240
Link Monitor Settings 240
Advanced Multi-WAN Settings 242
About Sticky Connections 242
Set a Global Sticky Connection Duration 242
xi WatchGuard System Manager
User Guide xii
Set the Failback Action 243
Set Notification Settings 244
About WAN Interface Status 245
Time Needed for the XTM Device to Update its Route Table 245
Define a Link Monitor Host 245
Network Address Translation (NAT) 247
About Network Address Translation 247
Types of NAT 248
About Dynamic NAT 248
Add Network Dynamic NAT Rules 250
Configure Policy-Based Dynamic NAT 253
About Dynamic NATSource IPAddresses 256
About 1-to-1 NAT 258
About 1-to-1 NAT and VPNs 259
Configure Firewall 1-to-1 NAT 259
Configure Policy-Based 1-to-1 NAT 261
Configure NAT Loopback with Static NAT 263
Add a Policy for NATLoopback to the Server 264
NAT Loopback and 1-to-1 NAT 265
About SNAT 268
Configure Static NAT 268
Configure Server Load Balancing 273
1-to-1 NAT Example 281
Wireless XTMDevice Setup 283
About Wireless XTMDevice Configuration 283
Wireless XTMDevice Configuration Options 284
Before You Begin 285
About Wireless Configuration Settings 287
Enable/Disable SSID Broadcasts 288
Change the SSID 288
Log Authentication Events 288
Change the Fragmentation Threshold 288
Change the RTS Threshold 290
About Wireless Security Settings 290
Set the Wireless Authentication Method 290
Use a RADIUS Server for Wireless Authentication 292
Use the XTMDevice as an Authentication Server for Wireless Authentication 293
Set the Encryption Level 294
Enable Wireless Connections to the Trusted or Optional Network 296
Enable a Wireless Guest Network 298
Enable a Hotspot on an XTMWireless Access Point 302
Configure Your External Interface as a Wireless Interface 303
Configure the Primary External Interface as a Wireless Interface 303
Configure a BOVPN tunnel for additional security 305
About Wireless Radio Settings 306
Country is Set Automatically 307
Select the Band and Wireless Mode 309
Select the Channel 309
Configure the Wireless Card on Your Computer 310
Rogue Access Point Detection 310
Enable Rogue Access Point Detection 311
Add an XTMWireless Device as a Trusted Access Point 316
Find the Wireless MACAddress of a Trusted Access Point 319
Rogue Access Point Scan Results 320
WatchGuard AP Device Setup 321
Wireless Access Point Types 321
About AP Device Configuration 322
SSIDConfiguration 322
APDevice Configuration 323
WatchGuard AP Device Requirements and Limitations 323
Requirements 323
Limitations 323
Plan your Wireless APDevice Deployment 324
Wireless Site Survey 325
Wireless Modes and Channels 327
Wireless Signal Strength and Noise Levels 329
xiii WatchGuard System Manager
User Guide xiv
Wireless Environmental Factors 330
Wireless Placement 331
WatchGuard AP Device Deployment Overview 332
Deploy APDevices Without VLANTagging 333
Deploy APDevices With VLANTagging Enabled 336
Configure VLANs for WatchGuard AP Devices 339
When to Enable VLANTagging in SSIDs 339
ConfigureVLANs on the XTMDevice 339
Configure VLANs on a Managed Switch 341
About APStation Isolation 342
Station Isolation for a Single AP Device 342
Station Isolation for Multiple AP Devices 342
Example — Station Isolation and Roaming 343
About APDevice Activation 347
Automatic Activation 347
Manual Activation 347
About APDevice Passphrases 348
Pairing Passphrase 348
WatchGuard APPassphrase 348
Passphrases and Pairing 348
Resolve a Passphrase Mismatch 349
Configure AP Devices in the Gateway Wireless Controller 350
Enable the Gateway Wireless Controller 350
Set the Diagnostic Log Level 351
Configure WatchGuard APDevice SSIDs 352
Configure SSIDSecurity Settings 354
WatchGuard AP Device Discovery and Pairing 358
Configure APDevice Settings 360
Configure AP Device Radio Settings 364
Configure Gateway Wireless Controller Settings 368
Configure MACAccess Control 371
Unpair an AP Device 373
Monitor AP Device Status 374
See APConnection Status and Uptime 374
See AP Radio Frequency and Channel 375
See the APActivation Status 375
See APDevice Network Statistics 376
See Log Messages on an APDevice 377
Reboot an AP Device 377
Perform a Site Survey 378
Monitor Wireless Clients 380
Enable a Hotspot on an AP Device 381
Reset the WatchGuard AP Device 381
Reset the WatchGuard APDevice with the Reset Button 382
Reset the WatchGuard AP Device from the Access Point Web UI 382
Unpair the WatchGuard AP Device 382
Add an HTTPSPolicy for Access Point Web UI Connections 383
Use the WatchGuard Access Point Web UI 383
Connect to the WatchGuard Access Point Web UI 384
Verify the Current AP Device Settings 385
Manage Network Settings 386
Change the Access Point Passphrase 387
Upgrade the AP Device Firmware 387
Save or Revert Configuration Changes 388
WatchGuard APDevice Deployment Examples 388
WatchGuard AP Device Deployment with a Single SSID 389
WatchGuard APDevice Deployment with Multiple SSIDs 393
WatchGuard APDevice Deployment with VLANs 399
Dynamic Routing 411
About Dynamic Routing 411
Dynamic Routing Protocols 411
Dynamic Routing Policies 411
Monitor Dynamic Routing 412
About Routing Daemon Configuration Files 412
About Routing Information Protocol (RIP) 412
Routing Information Protocol (RIP) Commands 413
xv WatchGuard System Manager
User Guide xvi
Configure the XTM Device to Use RIP 415
Sample RIP Routing Configuration File 417
About Open Shortest Path First (OSPF) Protocol 419
OSPF Commands 419
OSPF Interface Cost Table 422
Configure the XTM Device to Use OSPF 423
Sample OSPF Routing Configuration File 425
About Border Gateway Protocol (BGP) 428
BGP Commands 429
Configure the XTM Device to Use BGP 431
Sample BGP Routing Configuration File 434
FireCluster 437
About WatchGuard FireCluster 437
FireCluster Status 439
About FireCluster Failover 439
Events that Trigger a Failover 439
What Happens When a Failover Occurs 440
FireCluster Failover and Server Load Balancing 441
FireCluster Failover and Dynamic Routing 441
Monitor the Cluster During a Failover 442
Features Not Supported for a FireCluster 442
FireCluster Network Configuration Limitations 442
FireCluster Management Limitations 442
Supported XTM Models for FireCluster 442
About FireCluster Management IPAddresses 443
Use the Management IP Address to Restore a Backup Image 445
Use the Management IP Address to Upgrade from an External Location 445
The Management IPAddress and the WatchGuard Policy 445
About FireCluster on XTM Wireless Devices 446
Configure FireCluster 446
FireCluster Requirements and Restrictions 447
Cluster Synchronization and Status Monitoring 447
FireCluster Device Roles 448
FireCluster Configuration Steps 448
Before You Begin 449
Connect the FireCluster Hardware 451
Switch and Router Requirements for an Active/Active FireCluster 452
Use the FireCluster Setup Wizard 459
Configure FireCluster Manually 465
Find the Multicast MAC Addresses for an Active/Active Cluster 472
Active/Passive Cluster ID and the Virtual MAC Address 473
Monitor and Control FireCluster Members 474
Monitor Status of FireCluster Members 475
Monitor and Control Cluster Members 475
Monitor Cluster Health 477
Discover a Cluster Member 478
Force a Failover of the Cluster Master 479
Reboot a Cluster Member 481
Shut Down a Cluster Member 481
Connect to a Cluster Member 482
Make a Member Leave a Cluster 483
Make a Member Join a Cluster 484
Remove or Add a Cluster Member 485
Remove a Device from a FireCluster 485
Add a New Device to a FireCluster 486
Update the FireCluster Configuration 486
Configure FireCluster Advanced Settings 488
Configure Logging and Notification 488
Change the Lost Heartbeat Threshold 488
Use Hardware Status as a Criteria for FireCluster Failover 488
About Feature Keys and FireCluster 489
See the Feature Keys and Cluster Features for a Cluster 491
See or Update the Feature Key for a Cluster Member 492
See the FireCluster Feature Key in Firebox System Manager 494
Create a FireCluster Backup Image 495
Restore a FireCluster Backup Image 496
xvii WatchGuard System Manager
User Guide xviii
Make the Backup Master Leave the Cluster 496
Restore the Backup Image to the Backup Master 496
Restore the Backup Image to the Cluster Master 497
Make the Backup Master Rejoin the Cluster 497
Upgrade Fireware XTM for FireCluster Members 498
Disable FireCluster 500
Authentication 501
About User Authentication 501
User Authentication Steps 502
Manage Authenticated Users 504
Use Authentication to Restrict Incoming Traffic 505
Use Authentication Through a Gateway Firebox 506
About the WatchGuard Authentication (WG-Auth) Policy 507
Set Global Firewall Authentication Values 507
Specify Firewall Authentication Settings 507
Set Global Authentication Timeouts 508
Allow Unlimited Concurrent Login Sessions 509
Limit Login Sessions 509
Specify the Default Authentication Server in the Authentication Portal 511
Automatically Redirect Users to the Authentication Portal 511
Use a Custom Default Start Page 512
Set Management Session Timeouts 512
About Single Sign-On (SSO) 513
The WatchGuard SSO Solution 513
Example Network Configurations for SSO 516
Before You Begin 519
Set Up SSO 520
Install the WatchGuard Single Sign-On (SSO) Agent 520
Configure the SSO Agent 522
Use Telnet to Debug the SSO Agent 532
Install the WatchGuard Single Sign-On (SSO) Client 535
Install the WatchGuard SSOExchange Monitor 536
Enable Single Sign-On (SSO) 537
Install and Configure the Terminal Services Agent 542
About Single Sign-On for Terminal Services 543
Before You Begin 544
Install the Terminal Services Agent 544
Configure the Terminal Services Agent 545
Configure Terminal Services Settings 549
Authentication Server Types 551
About Third-Party Authentication Servers 551
Use a Backup Authentication Server 551
Configure Your XTM Device as an Authentication Server 552
Types of Firebox Authentication 552
Define a New User for Firebox Authentication 556
Define a New Group for Firebox Authentication 559
Configure RADIUS Server Authentication 561
Authentication Key 561
RADIUSAuthentication Methods 561
Before You Begin 561
Use RADIUSServer Authentication with Your XTM Device 561
How RADIUS Server Authentication Works 563
Configure RADIUS Server Authentication with Active Directory Users and Groups For
Mobile VPN Users 566
WPA and WPA2 Enterprise Authentication 569
Configure VASCO Server Authentication 569
Configure SecurID Authentication 572
Configure LDAP Authentication 574
About LDAP Optional Settings 576
Configure Active Directory Authentication 577
Add an Active Directory Authentication Domain and Server 577
About Active Directory Optional Settings 581
Edit an Existing Active Directory Domain 582
Delete an Active Directory Domain 583
Find Your Active Directory Search Base 584
Change the Default Port for the Active Directory Server 585
xix WatchGuard System Manager
User Guide xx
Use Active Directory or LDAP Optional Settings 586
Before You Begin 586
Specify Active Directory or LDAP Optional Settings 586
Use a Local User Account for Authentication 591
Use Authorized Users and Groups in Policies 591
Define Users and Groups for Firebox Authentication 591
Define Users and Groups for Third-Party Authentication 591
Allow Unlimited Concurrent Login Sessions 593
Limit Login Sessions 593
Add Users and Groups to Policy Definitions 594
Enable a Hotspot 595
Configure User Timeout Settings 597
Select the Hotspot Type 597
Configure the Hotspot Custom Page 598
Connect to a Hotspot 600
See Hotspot Connections 601
About Hotspot External Guest Authentication 604
Before You Begin 604
Configuration 605
External Guest Authentication Example 605
Configure a Web Server for Hotspot External Guest Authentication 608
Configure the Hotspot for External Guest Authentication 615
Troubleshoot Hotspot External Guest Authentication 617
Policies 619
About Policies 619
Packet Filter and Proxy Policies 619
Add Policies to Your XTM device 620
About Policy Manager 620
Open Policy Manager 622
About Policy Manager Views 623
Change Colors Used for Policy Manager Text 627
Find a Policy by Address, Port, or Protocol 629
About the Outgoing Policy 629
/