Security rules enforce least-privilege access to applications and apply deep packet inspection and decryption services to secure applications and services deployed in a cloud account. Rules are added as Policy Rulesets and are associated with Valtix Gateways as follows:
- Policy rulesets are cloud account agnostic, enabling multi-cloud security rule management to maintain a consistent security posture across clouds
- A Valtix Gateway can be associated with only a single policy ruleset
- A ruleset can be associated with multiple Valtix Gateways
Individual Rules within a policy ruleset use the inventory data from a specific cloud account to apply cloud- and region-specific rules to a Valtix Cloud Gateway.
- A dynamic address object with Tags used in a rule resolves to a set of IP addresses on Valtix Gateway 1 in Cloud 1/Region 1 and a different set of IP addresses on Valtix Gateway 2 in Cloud 2/Region 2.
Policy rulesets can be created from the Rules page or the Gateway creation wizard. It's recommended to create a Ruleset first and use this ruleset during the Gateway deployment. When creating a ruleset, you can give it a descriptive name and a description.
Create Policy Ruleset
To create a Policy Ruleset:
- Navigate to Manage -> Security Policies -> Rules
- Click Create
- Add a name and description for the policy ruleset
- Click Save
Once the policy rulesets are created, proceed to add individual Rules.