Description

The Network policies section contains the following subsections:

  • Firewall

  • NAT and routing

  • Load balancing

  • Traffic shaping.

Using network policies, the administrator can configure the required Internet access for the users, publish internal resources to the Internet, and manage the bandwidth for specific services and applications.

Note The rules created in these sections are applied top to bottom as they are listed in the console. Only the first rule matching the conditions is triggered. This means that more specific rules must be placed higher in the list than more general ones.

To enable Internet access for the users, follow these steps:

Name

Description

Step 1. (Optional) Create a NAT rule.

This is applicable if traffic NATing is required. See the NAT and Routing section.

Step 2. Create a firewall rule allowing access.

See the Firewall section.

To publish an internal resource to the Internet:

Name

Description

Step 1. Create a DNAT or reverse proxy rule.

See the DNAT Rules and HTTP/HTTPS Resource Publishing Using Reverse Proxy sections.

To provide Internet access via an alternate provider for a specific service or address:

Name

Description

Step 1. Create a policy-based routing rule.

See the Policy-Based Routing section.

To block or allow a specific type of traffic that passes through UserGate:

Name

Description

Step 1. Create a firewall rule.

See the Firewall section.

To distribute traffic between multiple internal servers:

Name

Description

Step 1. Create a load balancing rule.

See the Load Balancing section.

To limit the bandwidth for a specific service or application:

Name

Description

Step 1. Create a traffic shaping rule.

See the Traffic Shaping section.