About Policy Tags and Filters

A policy tag is a label you can apply to your Firewall and Mobile VPN with IPSec policies to help you organize your policies into easy to manage groups. You can apply more than one policy tag to a policy and apply any policy tag to many policies. A policy filter uses the policy tags you have applied to your policies to specify which policies appear in the policy lists on the Firewall and Mobile VPN with IPSec pages.

When you create a policy tag or filter, you must use some combination of these characters in the policy tag or filter name:

  • Uppercase and lowercase letters
  • Numerals
  • Special characters: -, space, _, +, /, *

You can create and apply policy tags and filters in a single Firebox configuration file or a Device Configuration Template. For more information about templates in Policy Manager, go to Create Device Configuration Templates.

Create and Apply Policy Tags

To create a new policy tag, you can either select a policy and create a tag for that policy, or you can create a tag and then apply it to one or more policies. You can select a color for each policy tag to make it easy to identify the policy tag when it appears in the Tags column. This is particularly helpful when you apply more than one policy tag to a single policy. When you create a policy tag, it is added to the Tags List in the Manage Policy Tags dialog box in alphabetical order.

You can apply a policy tag from the policy list or when you define the properties in the policy configuration. If you apply more than one policy tag to a policy, the tags appear in alphabetical order in the Tags column of the policy list and in the Tags list of the policy properties. Capitalized tags appear in the list before lowercase tags.

Create and Apply a Policy Tag from the Policy List

  1. On the Firewall or Mobile VPN with IPSec page, select one or more policies in the policy list.
  2. Select Action > Add Tag to Policy > New.
    The New Policy Tag dialog box appears.

Screen shot of the New Policy Tag dialog box

  1. In the Name text box, type a descriptive name for the tag.
  2. To specify a color for this policy tag, select a color from the palette.
  3. Click OK.
    The tag is applied to the policies you selected and appears in the Tags column for those policies. The tag also appears in the Manage Policy Tags Tag List.
  1. On the Firewall or Mobile VPN with IPSec page, select one or more policies in the policy list.
  2. Right-click and select Policy Tags > Add to policy > New.

Screen shot of the Policy Tags context menu

Or, select View > Policy Tags > Add to policy > New.
The New Policy Tag dialog box appears.

Screen shot of the New Policy Tag dialog box

  1. In the Name text box, type a descriptive name for the tag.
  2. To specify a color for this policy tag, click Color and select a color from the palette.
  3. Click OK.
    The tag is applied to the policies you selected and appears in the Tags column for those policies. The tag also appears in the Manage Policy Tags Tag List.

Add a Policy Tag to the Tag List

To create policy tags that you can apply to policies at a later time, you can add new tags to the Tag List in the Manage Policy Tags dialog box.

To add the policy tag:

  1. Select Action > Manage Tags .
    The Manage Policy Tags page appears.

Screen shot of the Manage Policy Tags dialog box

  1. Click Add.
    The New Policy Tag dialog box appears.
  2. In the Name text box, type a descriptive name for the policy tag.
  3. To specify a color for the policy tag, click the color palette and select a color.
  4. Click OK.
    The policy tag appears in the Tags list.

You can now apply the new tag to any policy. To apply a policy tag that you have already created to one or more policies:

  1. In the policy list, select one or more policies.
  2. Select Action > Add Tag to Policy and select a tag.
    The tag is applied to the policies you selected and appears in the Tags column for those policies.

To add the policy tag.

  1. Select View > Policy Tags > Manage.
    The Manage Policy Tags dialog box appears.

Screen shot of the Manage Policy Tags dialog box

  1. In the Name text box, type a descriptive name for the tag.
  2. Click Add.
    The tag name appears in the Tag List.
  3. To specify a color for the new tag, select the tag in the Tag List, click Color, and select a color from the color palette.
  4. Click OK.

You can now apply the new tag to any policy. To apply a policy tag that you have already created to one or more policies:

  1. In the policy list, select one or more policies.
  2. Right-click and select Policy Tags > Add to policy and select a tag.
    The tag is applied to the policies you selected and appears in the Tags column for those policies.

Apply a Policy Tag in the Policy

  1. Add a new policy or edit a policy in the policy list.
  2. Select the Settings tab.
  3. In the Tags section, click Edit.
    The Select Policy Tags dialog box appears.

Screen shot of the Select Policy Tags dialog box

  1. To apply a tag to the policy, from the Available list, select a policy tag and click <<.
    The tag is moved from the Available list to the Tagged list.
  1. Add a new policy or edit a policy in the policy list.
  2. Select the Properties tab.
    Any tags that are already applied to the policy appear in the Tags list.

Screen shot of the WG-Logging policy Properties tab

  1. In the Tags section, click Policy TagsEdit.
    The Select Policy Tags dialog box appears.

Screen shot of the Select Policy Tags dialog box

  1. To apply a tag to the policy, from the Available list, select a policy tag. Double-click the tag or click Add <<.
    The tag is moved from the Available list to the Tagged list.
  2. To add a new policy tag to the Available list, click Manage Tags and add a tag.

Remove Policy Tags From Policies

There are two methods you can use to remove a policy tag from a policy: you can remove one or more policy tags from a single policy, or you can delete a policy tag to remove it from all the policies to which it is applied. When you remove a policy tag from a single policy, the tag remains in the Tag List so you can use the tag again later. When you delete a policy tag, it is deleted both from the Tag List and from any policies to which it was applied. You cannot use a template to delete a policy tag from a policy in a device configuration file.

  1. In the policy list, select the check box for a policy.
  2. Select Action > Remove Tags from Policy and select the policy tag to remove.
    The selected policy tag is removed from the policy and the Tags column.

Screen shot of the Tags > Remove from policy menu

  1. In the policy list, select one ore more policies.
  2. Select Action > Remove Tag from Policy > All.
    All policy tags are removed from the selected policies and the Tags column.
  1. Select Action > Manage Tags.
    The Manage Policy Tags dialog box appears.
  2. From the Tags list, select a policy tag and click Remove.
  3. Click Save.
    The selected policy tag is removed from the Tags list and from each policy to which the tag was applied. The policy tag name is also removed from the Tags column in the policies list.
  1. Add a new policy or edit a policy in the policy list.
  2. Select the Settings tab.
  3. Below the Tags list, click Edit.
    The Select Policy Tags dialog box appears.
  4. To remove a policy tag from the policy, from the Tagged list, select a policy tag and click >>
    The tag is moved from the Tagged list to the Available list.
  1. In the policy list, select a policy.
  2. Right-click the policy and select Policy Tags > Remove from policy and select the policy tag to remove.
    The selected policy tag is removed from the policy and the Tags column.

Screen shot of the Policy Tags > Remove from policy context menu

  1. In the policy list, select one ore more policies.
  2. Right-click the policies and select Policy Tags > Remove from policy > All.
    All policy tags are removed from the selected policies and the Tags column.
  1. Select View > Policy Tags > Manage.
    Or, right-click a policy and select Policy Tags > Manage.
    The Manage Policy Tags dialog box appears.
  2. From the Tag List, select one or more policy tags and click Remove.
    The selected policy tags are removed from the Tag List and from each policy to which the tags were applied. The policy tag names are also removed from the Tags column in the policies list.
  1. Add a new policy or edit a policy in the policy list.
  2. Select the Properties tab.
  3. Click Policy Tags.
    The Select Policy Tags dialog box appears.
  4. To remove a policy tag from the policy, from the Tagged list, select a policy tag and double-click the tag or click >> Remove.
    The tag is moved from the Tagged list to the Available list.

Modify Policy Tags

After you have created a policy tag, you can change the name or the color of the tag. When you modify a policy tag, the changes that you make automatically appear in all the policies to which the policy tag is applied.

  1. Select Action > Manage Tags .
    The Manage Policy Tags dialog box appears.
  2. From the Tags list, select a policy tag.
  3. Click Edit.
    The Policy Tag dialog box appears.
  4. In the Name text box, type a new descriptive name for the policy tag.
  5. From the color palette, select a new color for the policy tag.
  6. Click OK.
    The changes you made to the policy tag appear in the Tags list.
  7. Click Save.
  1. Select View > Policy Tags > Manage.
    Or, right-click a policy and select Policy Tags > Manage.
    The Manage Policy Tags dialog box appears.
  2. From the Tag List, select a policy tag.
  3. To change the name of the tag, click Rename and type a new name for the policy tag.
  4. To change the color of the tag, click Color and select a color from the color palette.
  5. Click OK.

Create and Apply a Filter

After you have created and applied policy tags to your policies, you can use the tags to filter the policy list and select which policies appear in the policy list. The criteria included in your filters is based on both AND and OR operators.

After you apply a filter, you can sort the policy list by column to further refine your view of the policies that appear in the policy list. You can also name and save the filters you create so you can apply the filter again at any time. Because saved filters are stored in your Firebox configuration file, all saved filters are available whether you manage the Firebox with Policy Manager or Fireware Web UI.

When you apply a filter to the policy list, the filter remains applied to the list until you manually clear it. If you do not remove a filter before you exit the policy list, that filter is still applied when you next connect to the Firebox and view the policy list. To make sure that all of your policies appear in the policy list when you next open the configuration file, we recommend that you always clear all filters from the policy list before you exit the policy list.

  1. From the Filter drop-down list, select Create New Filter.
    The Policy Filter dialog box appears.

Screenshot of Policy Filter dialog box

  1. In the Name text box, type a descriptive name for this filter.
  2. Select a filter option:
    • Match All — Only policies that include all the specified policy tags appear in the filtered policy list. This is the default option.
    • Match Any — Any policy that includes any of the specified policy tags appear in the filtered policy list.
  3. Select the policy tags to include in the filter.
  4. Click OK.
    The selected filter is applied to the list.
  5. To clear all filters from the policy list, from the Filter drop-down list, select None.
    All filters are removed from the policy list.
  1. In the Tags column, click the Policy Tags Filter icon.
    The filter options list appears.

Screen shot of the Tags filter options list

  1. Select a filter option:
    • Match All — Only policies that include all the specified policy tags appear in the filtered policy list. This is the default option.
    • Match Any — Any policy that includes any of the specified policy tags appear in the filtered policy list.
  2. Select the policy tags to include in the filter.
  3. Click anywhere on the policy list to save your selections and apply the filter to the policy list.
    The policy list is updated to show only the policies that match the filter parameters, and the filter icon changes to .
  4. To clear all filters from the policy list, from the Filter drop-down list, select None.
    All filters are removed from the policy list.

After you have created and applied a filter to the policy list, you can save your filter settings as a custom filter that you can apply again later.

  1. From the Filter drop-down list, select Custom.
  2. Click the Save Filter iconthe Save Filter icon.
    The Save Filter dialog box appears.

Screen shot of the Save Filter dialog box

  1. In the Name text box, type a descriptive name for the filter.
  2. Click OK.
    The filter name appears in the Filter drop-down list and the Manage Filters list.

Modify a Filter

You can change the policy tags and filter options that are included in a filter. You can also change the name of a filter. When you change the name of the filter, the name is automatically updated in the Filters list and in all policies to which the filter is applied.

  1. From the Filter drop-down list, select Manage Filter.
    The Manage Filters page appears.

Screen shot of the Manage Filters page

  1. From the Filters list, select the filter to modify.
  2. Click Edit.
    The Policy Filter dialog box appears.
  3. Change the filter parameters.
  4. Click OK.
    The modified filter appears in the Filters list.
  5. Click Save.
  1. From the Filter drop-down list, select a filter.
  2. Click the Policy Tags Filter icon and change the filter parameters.
    The policy list view is updated to include only the policies that match the new filter parameters, and Custom appears in the Filter drop-down list.
  3. Click the Save Filter icon .
    The Save Filter dialog box appears, with the name of the last filter you selected in the Name text box.
  4. To keep the same filter name, do not change the content in the Name text box.
  5. Click OK.
    The filter is updated with the new parameters you specified.
  1. Click the Manage Filters icon
    The Manage Filters dialog box appears.

Screen shot of the Manage Filters dialog box

  1. From the Filters list, select a filter and click Rename.
    The Rename Filter dialog box appears.

Screen shot of the Rename Filter dialog box

  1. In the Name text box, type a new descriptive name for the filter.
  2. Click OK.
    The new filter name appears in the Filters list.

Screen shot of the Manage Filters dialog box

Clone a Filter

To create a new filter with many of the same parameters as a filter that you already created and saved, you can clone a filter in the Filters list. A cloned filter is like a template for a new filter. After you clone the filter, you can add new parameters and specify a new descriptive name for the cloned filter.

  1. Click the Manage Filters icon
    The Manage Filters dialog box appears.
  2. Select a filter. Click Clone.
    A new filter appears in the Filters list with the name of the filter you cloned with .1 at the end.
    For example, if you cloned Primary_Policy_Set, the cloned filter name is Primary_Policy_Set.1.
  3. To change the name of the cloned filter, select the filter, click Rename, and specify a new descriptive name for the filter.
    The new filter name appears in the Filters list.
  4. Click OK.
    The Manage Filters dialog box closes and the new filter is added to the Filter drop-down list.
  5. To change the parameters specified in the cloned filter, select the filter from the Filter drop-down list.
    Only policies that match the filter appear in the policy list.
  6. Click the Policy Tags Filter Applied icon and change the filter options.
  7. Click the Save Filter icon .
    The Save Filter dialog box appears.
  8. In the Name text box, type the same name you specified in Step 3 and click OK.
    The changes you made to the filter are saved.

Related Topics

Add Policies to Your Configuration

About Policy Views

Create Device Configuration Templates