Install Policy

What can I do here?

Use this window to install access control and threat prevention policies on one or more gateways.

• Click the View Changes button to see which revisions will be installed
• Click Policy Targets to select installation targets

Installing the Access Control Policy

1. On the Global Toolbar, click Menu > Install Policy.

   The Install Policy window opens showing the Security Gateways.

2. If there is more than one Policy package: From the Policy drop-down list, select a policy package.
3. Select Access Control. You can also select other Policies.
4. If there is more than one gateway: Select the gateways on which to install the Policy.
5. Select the Install Mode:
   • Install on each selected gateway independently - Install the policy on each target gateway independently of others, so that if the installation fails on one of them, it doesn't affect the installation on the rest of the target gateways.

     Note - If you select For Gateway Clusters, if installation on a cluster member fails, do not install on that cluster, the Security Management Server makes sure that it can install the policy on all cluster members before it begins the installation. If the policy cannot be installed on one of the members, policy installation fails for all of them.

   • Install on all selected gateways, if it fails do not install on gateways of the same version - Install the policy on all the target gateways. If the policy fails to install on one of the gateways, the policy is not installed on other target gateways.
6. Click Install.

Installing the Threat Prevention Policy

The IPS, Anti-Bot, Anti-Virus, Threat Emulation and Threat Extraction Software Blades have a dedicated Threat Prevention policy. You can install this policy separately from the policy installation of the Access Control Software Blades. Install only the Threat Prevention policy to minimize the performance impact on the Security Gateways.

To install the Threat Prevention policy:

1. From the Global toolbar, click Install Policy.

   The Install Policy window opens showing the installation targets (Security Gateways).

2. Select Threat Prevention.
3. Select Install Mode:
   • Install on each selected gateway independently - Install the policy on the selected Security Gateways without reference to the other targets. A failure to install on one Security Gateway does not affect policy installation on other gateways.

     If the gateway is a member of a cluster, install the policy on all the members. The Security Management Server makes sure that it can install the policy on all the members before it installs the policy on one of them. If the policy cannot be installed on one of the members, policy installation fails for all of them.

   • Install on all selected gateways, if it fails do not install on gateways of the same version - Install the policy on all installation targets. If the policy fails to install on one of the Security Gateways, the policy is not installed on other targets of the same version.
4. Click OK.