Chapter 3. Command Reference

add-pair [in name out name]

adds a security zone pairing to a profile.

delete

deletes an existing profile.

description description-string

enters a description for the profile.

remove-pair [in name out name]

removes a security zone pairing from a profile.

rename profile-namerenames an existing profile.

security

creates a security profile.

 

Using conf t profile

creating a

In this example, the security profile “LAN WAN” is created, and a security zone pairing is added:

profile

 

 

 

 

hostname#

conf t

profile "LAN WAN" security

 

hostname#

conf t

profile "LAN WAN" add-pair LAN WAN

conf t protection-settings

The configure terminal protection-settings command creates global exceptions and apply-only restriction rules for Application Protection, Infrastructure Protection, and Performance Protection filters.

Note: If the profile name contains spaces, it must be enclosed in double quotes; for example:

conf t protection-settings app-except add 111.222.33.44 111.222.55.66 -profile "Test Lab"

app-except

creates a global exception for Application Protection and Infrastructure Protection filters.

add -profileprofile-name srcIP destIP

adds a global exception for an entered source or destination IP address according to profile.

remove -profileprofile-name srcIP destIP

removes a global exception for an entered source or destination IP address according to profile.

60 X Family CLI Reference V 2.5.1