General Rules for Creating Scenarios

Scenarios are configured at the level security-policy scenarios using UPL (for more details about UserGate Policy Language, see Configuring Rules Using UPL).

To set and combine conditions for scenarios, definitions are used. A unique custom name is assigned to each definition by which the definition can be referred to. Scenario conditions can be written in a single line or separated to multiple lines using a backslash (as when multiline input is used).

To create or change scenario conditions, def scenario_cond function is used which has the following general structure:

def scenario_cond <scenario_condition_name> <scenario_conditions> end

Parameters which are used to set different condition types will be detailed in the following sections.

Conditions are followed by general properties of the scenario, which are described in the table below:

Name

Description

OK

Action used to create the scenario.

scenario_cond

Custom name of the definition containing the list of conditions of the scenario: scenario_cond = condition_example.

enabled

Enable/disable the scenario:

  • enabled(true)

  • enabled(false)

name

Set the name of the scenario: name("Example scenario name").

desc

Set the description of the scenario: desc("Description for scenario created as an example").

trigger

Application:

  • trigger(one_user): when the scenario is triggered, the rule which uses the scenario will be applied only to the user for which the scenario was triggered.

  • trigger(all_users): when the scenario is triggered, the rule which uses the scenario will be applied to all users mentioned in the properties of the scenario.

duration

Set the duration time for the scenario in minutes.

operation_mode

Set the triggering mode for the scenario:

  • operation_mode(all): the scenario will be triggered if all conditions are true

  • operation_mode(any): the scenario will be triggered if any condition is true.
Note When a scenario is updated, it is necessary to specify all conditions: current conditions will be replaced with the conditions specified when the scenario is changed.

For example, configuration of the scenario with Traffic volume condition is shown below. The scenario will be applied to all users within one minute; traffic volume restriction: 1 Gb/day:

Admin@nodename# create security-policy scenarios 1 upl-rule \ ... def scenario_cond scenario_cond_test ... traffic_limit(1GB) \ ... period(day) \ ... scond_type(traffic) ... end ... OK \ ... scenario_cond = scenario_cond_test ... name(test) \ ... trigger(all_users) \ ... duration (1) ...

If you need to change traffic volume, for example, use the following command:

Admin@nodename# set security-policy scenarios 3 upl-rule \ ...def scenario_cond scenario_cond_test ...traffic_limit(2GB) \ ...period(day) \ ...scond_type(traffic) ...end ...OK \ ...scenario_cond = scenario_cond_test