Importing and Exporting Protection Policies
You can add and export protection rules, blacklist/whitelist items, IP address groups, domain name groups, and service groups in batches.
Specification Limitations
To import and export VPC border protection policies, use the Professional edition.
Importing Protection Rules in Batches
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project.
- In the navigation pane on the left, click
and choose . The Dashboard page will be displayed.
- (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane on the left, choose , and then choose Internet Border Protection Rules or VPC Border Protection Rules.
- Click Download Center on the upper right corner of the list.
- Click Download Template to download the rule import template to the local host.
- Configure protection policy information as required.
- Import restrictions:
- A maximum of 640 rules and members can be imported at a time on each tab page.
- Do not change the template file format, or it may fail to be imported.
- Parameter description:
- Protection rule parameters:
- For details about Internet border protection rule parameters, see Parameters of Rule Import Template - Rule-Acl-Table (Internet Border Protection Rules).
- For details about VPC border protection rule parameters, see Parameters of Rule Import Template - Vpc-Rule-Acl-Table (VPC Border Protection Rule).
- For details about the blacklist and whitelist parameters, see Adding Blacklist or Whitelist Items to Block or Allow Traffic.
- For details about IP address group parameters, see Managing IP Address Groups.
- For details about service group parameters, see Managing Service Groups.
- For details about domain name group parameters, see Managing Domain Name Groups.
- Protection rule parameters:
- Import restrictions:
- After filling in the template, click Import Rule to import the template.
- Rule import takes several minutes.
- During rule import, you cannot add, edit, or delete access policies, IP address groups, and service groups.
- The priority of the imported policies is lower than that of the created policies.
- Click Download Center to view the status of the rule import task. If the Status is Imported, the import succeeded.
- Return to the protection rule list to view the imported protection rule.
Exporting Protection Rules in Batches
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project.
- In the navigation pane on the left, click
and choose . The Dashboard page will be displayed.
- (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane, choose .
- Click Download Center on the upper right corner of the list.
- Click Export Rule to export rules to a local PC.
Parameters for Importing a Rule Template
Fill in the template by referring to the following parameter descriptions.
References
- For details about how to add a protection rule, see Configuring Protection Rules to Block or Allow Internet Border Traffic.
- For details about how to batch add blacklist or whitelist items, see Adding Blacklist or Whitelist Items to Block or Allow Traffic.
- Checking protection outcomes
- Policy hits: For details about the protection overview, see Viewing Protection Information Using the Policy Assistant. For details about logs, see Access Control Logs.
- For details about the traffic trend and statistics, see Traffic Analysis. For details about traffic records, see Traffic Logs.
- For details about how to adjust rule priority, see Adjusting the Priority of a Protection Rule.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.