Rank

The enforcement priority of the rule. Rules are evaluated in order of rank, starting with number 1, and the first rule that matches will be enforced. Disabled rules will display "Off" instead of a rank number, but will retain their rank ordering in the list.

Action

The action is what is done to the traffic. Click in the column to see the options and select one to add to the rule.

• Block - The traffic is blocked.
• Allow- The traffic is allowed.

In rules with access roles, you can add a property in the Action field to redirect traffic to the Captive Portal. If this property is added, when the source identity is unknown and traffic is HTTP, the user is redirected to the Captive Portal. If the source identity is known, the Action in the rule (Allow or Block) is enforced immediately and the user is not sent to the Captive Portal. After the system gets the credentials from the Captive Portal, it can examine the rule for the next connection.

To redirect HTTP traffic to the Captive Portal:

1. In a rule that uses an access role in the Source column, right-click the Action column and select Edit Properties.

   The Action Properties window opens.

2. Select Redirect HTTP connections.
3. Click OK.

   The Action column shows that a redirect to the Captive Portal occurs.

Track

Choose if the traffic is logged in SmartView Tracker or if it triggers other notifications. Click in the column and the options open. The options include:

• None - Does not record the event
• Logs:
  • Log - Records the event's details in SmartView Tracker. This option is useful for obtaining general information on your network's traffic. There is one log for each session. It shows one URL and one or more suppressed logs.
  • Extended Log - Consolidates logs by session (shows the number of suppressed logs) and includes data for each URL connection in the session time frame. Each of the URLs has an entry in the URLs tab in SmartView Tracker. Using this option can have an affect on performance.
  • Complete Log - Records events for each URL request made regardless of session. Each URL connection has its own log.
• Account - Records the event in SmartView Tracker with byte information
• Alert - Logs the event and executes a command, such as display a popup window, send an email alert or an SNMP trap alert, or run a user-defined script as defined in Policy > Global Properties > Log and Alert > Alert Commands
• Mail - Sends an email to the administrator, or runs the mail alert script defined in Policy > Global Properties > Log and Alert > Alert Commands
• SNMP Trap - Sends a SNMP alert to the SNMP GUI, or runs the script defined in Policy > Global Properties > Log and Alert > Alert Commands
• User Defined Alert - Sends one of three possible customized alerts. The alerts are defined by the scripts specified in Policy > Global Properties > Log and Alert > Alert Commands

Name

Give the rule a descriptive name. The name can include spaces.

Double-click in the Name column of the rule to add or change a name.

Source

The source is where the traffic originates. The default is Any.

Put your mouse in the column and a plus sign shows. Click the plus sign to open the list of network objects and select one or multiple sources. The source can be an Access Role object, which you can define when Identity Awareness is enabled.

Destination

Choose the destination for the traffic. The default is the Internet, which includes all traffic with the destination of DMZ or external.

To choose other destinations, put your mouse in the column and a plus sign shows. Click the plus sign to open the list of network objects and select one or multiple destinations.