Network Packet Broker policy rules define
the traffic to forward to an external chain of third-party security
appliances (a security chain) based on applications, users, zones,
devices, and IP addresses. Network Packet Broker can forward decrypted
TLS, non-decrypted TLS, and non-TLS traffic to a security chain.
You attach a Packet Broker profile to each Network Packet Broker
policy rule. The policy rule defines the traffic to forward to the
security chain and the profile defines how to forward that traffic,
including the firewall forwarding interfaces, health monitoring,
session distribution among multiple chains, and choosing whether
the chain is routed (Layer 3) or Transparent Bridge (Layer 1).
The following tables describe policy rule settings and Policy
Optimizer options for Network Packet Broker: