About Custom Policies
To create a policy to allow or deny a protocol that is not included in one of the predefined policy templates, you must define a custom policy. You can add a custom policy that uses:
- TCP ports
- UDP ports
- An IP protocol that is not TCP or UDP, such as GRE, AH, ESP, ICMP, IGMP, and OSPF. You identify an IP protocol that is not TCP or UDP with the IP protocol number.
To create a custom policy, you must first create a custom policy template that specifies the ports and protocols you want the policy to apply to. Then, you use the custom policy template to create one or more policies where you configure access rules, logging, QoS, and other policy settings.