CHAPTER
22-1
Cisco ASDM User Guide
OL-16647-01
22
Configuring Service Policy Rules
This chapter describes how to enable service policy rules. Service policies provide a consistent and
flexible way to configure security appliance features. For example, you can use a service policy to create
a timeout configuration that is specific to a particular TCP application, as opposed to one that applies to
all TCP applications.
This chapter includes the following sections:
• Service Policy Overview, page 22-1
• Adding a Service Policy Rule for Through Traffic, page 22-6
• Adding a Service Policy Rule for Management Traffic, page 22-10
• Managing the Order of Service Policy Rules, page 22-13
• RADIUS Accounting Field Descriptions, page 22-14
Service Policy Overview
This section describes how security policies work, and includes the following topics:
• Supported Features, page 22-1
• Service Policy Elements, page 22-2
• Default Global Policy, page 22-2
• Feature Directionality, page 22-3
• Order in Which Multiple Feature Actions within a Rule are Applied, page 22-4
• Incompatibility of Certain Feature Actions, page 22-5
• Feature Matching Guidelines for Multiple Service Policies, page 22-5
Supported Features
Security policies support the following features:
• QoS input policing
• TCP normalization, TCP and UDP connection limits and timeouts, and TCP sequence number
randomization
• CSC