Introduction

In a NetScreen firewall, a policy is the fundamental core of access control. In this section we will explore the basic principles of a policy and how to create them. All firewall devices uses some sort of statement that provides access control between two segments of a network. Each product implements access control differently. If you have experience with any firewall product, then NetScreen policies should come easy for you. If you have never had the opportunity to create a network access control policy before, this section will help you understand the principles of access control as well as the methodology of creating a policy.

First we will look at the definition of a policy and what creating one really means. We will also look into the theory of access control and specific methodologies behind allowing or denying access to network resources. In the second part of this section we will review what makes up a policy on a NetScreen firewall. Every policy must have several basic components before it can be created. We will look at each component and how to create them on your firewall.

Much like building a house, NetScreen firewalls use different components to build policies. There are several required components for a policy. In this chapter we will look at these components and how to create them for use in a policy. Components can be created via the Web user interface (WebUI) or the command line interface (CLI). Each method generates the same result,...