Extreme Networks Policy Manager (EPM) 1.2 User Guide
53
6
Running Extreme Networks Policy Manager
Examples
Introduction
This chapter describes some of the functionality of the Extreme Networks Policy Manager (EPM) using
two examples. The examples use two sample policies that are included with the EPM application.
NOTE
Each of the following two examples consists of a series of connected procedures. Each procedure begins in the state
where the previous one ended. If a procedure is used out of the order that is displayed here, the results may be
affected.
Example 1—Example_TCP_Threshold.pol
This TCP_Threshold example is a simple policy demonstrating the ability to show CLEAR-Flow rules
that detect TCP traffic that exceeds a minimum threshold.
Open and View the Policy
1
Start by opening the EPM
2
From the menu, choose
File > Open > Local
. The file
Open
Box is displayed.
3
Navigate to epm_supervisor\policy_files\examples and
Open
"Example_TCP_Threshold.pol." The
policy has two rules: "ACL_TCP" and "CF_TCP_THRESHOLD."
4
In the Rule Editor window, set the following views as shown in the screen below.
a
In the Tree Structure Panel, click the
Rules by Reference
tab. This shows that the two rules are
connected.
b
In the Rule Editing and View Panel, either click the "+" to the right of the rule name or right-click
the rule and choose
Expand
All
from the resulting dropdown menu. This expands the rules to
view the raw rule text that shows a common rule element—"count TCP_COUNTER
.
"
The
CLEAR-Flow rule extends the action of the ACL rule.
5
Check other available information. For example:
a
In the Status Panel, under the Policy Information tab, information about the creation,
modification and use of the policy is displayed.
b
In the Rule Properties Panel under the Rule Information tab, similar information for the rule(s) is
displayed.
When ACL_TCP is selected, information in the Notes field reads: "This rule creates a counter that
is used by the CLEAR-Flow rule when evaluating the TCP packet threshold."
When CF_TCP_THRESHOLD is selected, the information reads: "This rule evaluates the
TCP_COUNTER setup in the ACL_TCP rule. If the threshold exceeds 100 TCP packets within the
period then the rule is triggered."