1. Home
    2. PAN-OS
    3. PAN-OS® Administrator’s Guide
    4. Policy

    Policy

    Policies allow you to enforce rules and take action. The different types of policy rules that you can create on the firewall are: Security, NAT, Quality of Service (QoS), Policy Based Forwarding (PBF), Decryption, Application Override, Authentication, Denial of Service (DoS), and Zone protection policies. All these different policies work together to allow, deny, prioritize, forward, encrypt, decrypt, make exceptions, authenticate access, and reset connections as needed to help secure your network. The following topics describe how to work with policy:

    Related Documentation

    Management Features

    Learn about the new management features introduced in PAN-OS 9.0. ...

    Management Features

    PAN-OS 9.0 supports Temporary Master Key Expiration Extension; Rule Changes Archive; Enforcement of Rule Description, Tag, and Audit Comment; Tag Based Rule Groups; Policy Match ...

    Create and Apply Tags

    Create and Apply Tags Use tags to identify the purpose of a rule or configuration object, and help you better organize your rulebase. To ensure ...

    Defining Policies on Panorama

    Defining Policies on Panorama Device Groups on Panorama™ allow you to centrally manage firewall policies. You create policies on Panorama either as Pre Rules or ...

    Enforce Policy Rule Description, Tag, and Audit Comment

    Require that a description, tag or audit comment be entered when creating or editing a policy rule. ...

    Policy Types

    Policy Types The Palo Alto Networks next-generation firewall supports a variety of policy types that work together to safely enable applications on your network. For ...

    Push a Policy Rule to a Subset of Firewalls

    Push a Policy Rule to a Subset of Firewalls A policy target allows you to specify the firewalls in a device group to which to ...

    Enforcement of Rule Description, Tag, and Audit Comment

    Require that a description, tag or audit comment be entered when creating or editing a policy rule. ...

    Real-Time Enforcement and Expanded Capacities for Dynamic Address Groups

    Real-Time Enforcement and Expanded Capacities for Dynamic Address Groups Virtualization, cloud computing, and IoT have increased the frequency and amount of dynamic changes in the ...

    Rule Changes Archive

    View the audit comment history, config logs, and rule configuration changes from the Audit Comment Archive. ...

    © 2019 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo