Policies List Page

You reach the Policies List page by choosing Manage Policies for the Select Task field on the Login Page before you click the login button or by clicking the Policies button on the administration GUI's navigation bar.

You can move to the SunScreen Information page, display the online documentation, or log out by clicking the appropriate button on the administration navigation bar

The Policies List page, shown in FIGURE 5-9, allows you to add a new policy or to edit, copy, rename, delete, and backup a particular policy to a local file; to restore a policy from a local file; and to initialize HA.

The Policies List page identifies the policies that have been stored for a Screen. The List Policies page has two instructions under the top or navigation bar: "To edit a policy select one from the table and click the `Edit' button," and "For other tasks select from the top panel buttons."

Figure 5-9 Policies List Page

Policies List Panel

Below the Policies List banner is a panel consisting of three columns that show:

1. The name - You must click a name of a policy that you want to edit in this column. The term "-Currently Active-" appears in this column for the active policy and the name and the version of the active policy appears in the version column.

2. The version (if present) - The version lists the versions of policies for your system.

3. The active policy information (if present).

The Policies List panel lists the policies that have been set up for a particular Screen. The active policy is the first policy in the list of policies and is automatically highlighted when you first come to this page. You can edit inactive Screen policies by clicking the name of an entry in the Policies List panel to highlight it, then click one of the controls at the bottom of the Policies List page.

Types of Policies

The types of policies are:

• Regular Policies - Policies that share common objects with other regular policies.

• Versioned Policies - A policy with a version number is displayed by clicking the button next to the regular policy name in the first column of Policies List Panel of the Policies List Page. Clicking the reverse arrow hides the versions of a policy. A policy with a version number contains a snapshot of the common objects that are embedded in the saved policy. The name of the policy contains a dot followed by an incremental number. The higher the number, the later the version. Versioned policies cannot be modified, but their rules can be extracted to a new policy.

• Currently Active Policy - This policy is extracted from the active policy. The currently active policy cannot be modified. If you click the currently active policy and highlight it, the edit button retains the (RO) designation to show that it is read only. A Save As button appears on the Policy Name line on the Packet Filtering tab of the Policy Rules panel. You can save any modifications to the currently active policy as a new policy. A Save As button appears on the Common Objects panel. You can save the common objects of this policy to replace the current common objects associates with regular policies. FIGURE 5-10 shows these Save As buttons.

Figure 5-10 Policy Rules Page Showing the Save As Buttons for the Currently Active Policy

This allows you to make the common objects embedded in this version of the policy the current common objects, overwriting the existing set of common objects.

This approach allows you to save only the rules part of the versioned policy so that:

• These rules become the current rules for this policy, for example the rules for policy Initial.10 can be made the rules for the current version of Initial.

• You can copy the rule to a new name.

  ---

  Note -

  The rules created in this way are used with the current set of common objects. On verifying this policy, you may have to fix any inconsistencies.

  ---

The difference in behavior between Save As and Edit(RO) is that Save As affects the current policy only and Edit(RO) affects a policy version. With Edit(RO), you have the additional choice of making the rules the current rules for the policy.

Policies List Page Action Buttons

describes the action buttons for the Policies List page.

Table 5-12 Action Buttons on the Policies List Page

Control	Description
Add New button	Opens a dialog box that prompts you for the name of the policy that you want to add. The name for this new policy appears on the policies list panel. You add the rules for the new policy on the Policy Rules page.
Edit button	Opens the Policy Rules page for the policy that you have highlighted and allows you to change the parameters. If the Edit button displays (RO), it means that the policy that you highlighted is read-only. The read-only mode applies only to the active policy and the policy versions in the version column:  You cannot modify an active policy. You must click the name (the first column of the policies list panel) to highlight the policy that you want to edit.
Copy button	Opens a dialog box that prompts you for the new name of the policy to which you want to copy the information from the policy that you highlighted on the Policies List panel.
Rename button	Opens a dialog box asking for the new name you want to assign to the selected policy on the Policies List panel.
Delete button	Opens a dialog box asking you to confirm you want to delete the selected policy on the Policies List panel.
Activate button	Activates the selected policy on the Policies List panel for the Screen. After you click the Activate button, the version and active policy information are updated in the highlighted row.
Backup All button	Opens the Backup All dialog box, which enables copying the policies to a file or diskette. You cannot use the Backup All button if you are using a browser whose security restrictions do not allow access to the file system from applets. Most browsers have plug-in modules that permit you to back up your policies to a local file or diskette.  The backup medium contains copies of the local identities (the encryption keys and certificates) and must be stored securely and disposed of securely to avoid compromising your security.
Restore All button	Opens the Restore All dialog box, which enables restoring the policies from a file or diskette. The restore operation causes the information from the backup file to overwrite all current policy information. You cannot use the Restore All button if you are using a browser whose security restrictions do not allow access to the file system from applets.
Initialize HA button	Opens the Initialize HA dialog box. This dialog box contains the statements that you need to be connected to the HA primary to perform this operation and that you must select the interface you would like to be the HA interface for the primary. This dialog box presents a choice list of all the interfaces available.
Help button	Opens the online help.