
Define contexts for use in policies

Contexts are a powerful way of implementing different security policies depending on a computer's network environment.

Contexts are designed to be associated with firewall and intrusion prevention rules. If the conditions defined in the context associated with a rule are met, the rule is applied.

Configure internet connectivity for the computer

  1. In the Workload Security console, go to Administration > System Settings > Contexts.

  2. In URL for testing Internet Connectivity Status, enter the URL to which an HTTP request is sent to test for internet connectivity. The URL must include "http://".

  3. In the Regular Expression for returned content used to confirm Internet Connectivity Status dialog, enter a regular expression to be applied to the returned content to confirm that HTTP communication was successful. If you are certain of the returned content, you can use a simple string of characters.

  4. In the Test Interval list, select the time interval between connectivity tests.

For example, to test internet connectivity, you could use the URL "http://www.example.com" and the string "This domain is established to be used for illustrative examples in documents", which is returned by the server at that URL.

Define a context

  1. In the Workload Security console, go to Policies > Common Objects > Other > Contexts and then click New > New Context.

  2. In General Information, enter the name and description of the context rule. This area also displays the earliest version of the agent with which the rule will be compatible.

  3. In the Options area, specify when to apply the context:

    • Context applies when connection is: The option you select determines whether the firewall rule is in effect, based on whether the computer can connect to its domain controller or to the internet. Conditions for testing internet connectivity can be configured in Administration > System Settings > Contexts.

      If the domain controller can be contacted directly (via ICMP), the connection is Local. If it can be contacted via VPN only, then the connection is Remote.

      The time interval between domain controller connectivity tests is the same as the internet connectivity test interval, which is configurable in Administration > System Settings > Contexts. The internet connectivity test is only performed if the computer is unable to connect to its domain controller.

    • Context Applies to Interface Isolation Restricted Interfaces: This context applies to network interfaces on which traffic has been restricted through the use of interface isolation. This is primarily used for Allow or Force Allow firewall rules. See Detect and configure the interfaces available on a computer.

After you assign the context to a rule, it is displayed on the Assigned To tab for the context. To link a security rule to a context, go to the Options tab in the security rule's Properties window and select the context from the Context list.
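
The following sketch is an added example, not code from the product or its documentation. It models the order of the connectivity tests described above and shows how the regular expression decides whether returned content confirms internet connectivity. The function names, the two "no-domain" labels, the sample responses, and the use of Python's `re.search` (partial match) are assumptions.

```python
import re

# Settings from the example on this page (Administration > System Settings > Contexts).
TEST_URL = "http://www.example.com"
CONFIRM_REGEX = r"This domain is established to be used for illustrative examples in documents"


def settings_problems(url, pattern):
    """Return a list of problems with a URL / regular expression pair."""
    problems = []
    if not url.startswith("http://"):
        problems.append('URL must include "http://"')
    try:
        re.compile(pattern)
    except re.error as exc:
        problems.append(f"regular expression does not compile: {exc}")
    return problems


def internet_reachable(body, pattern):
    """Confirm connectivity from returned content; None means the request failed.
    Assumption: the pattern may match anywhere in the body (re.search)."""
    return body is not None and re.search(pattern, body) is not None


def connection_state(dc_direct, dc_via_vpn, fetch, pattern=CONFIRM_REGEX):
    """Model the order of tests described above.

    dc_direct / dc_via_vpn: domain controller answered directly, or only over VPN.
    fetch: callable returning the body served at the test URL, or None on failure.
    The two "no-domain" labels are hypothetical names, not console option text.
    """
    if dc_direct:
        return "Local"
    if dc_via_vpn:
        return "Remote"
    # The internet test runs only when the domain controller is unreachable.
    if internet_reachable(fetch(), pattern):
        return "no-domain/internet"
    return "no-domain/no-internet"


# Constructed sample responses (not captured traffic).
EXPECTED_PAGE = "<p>This domain is established to be used for illustrative examples in documents.</p>"
CAPTIVE_PORTAL = "<html><title>Guest Wi-Fi</title><p>Accept the terms to continue.</p></html>"

if __name__ == "__main__":
    print(settings_problems(TEST_URL, CONFIRM_REGEX))
    for body in (EXPECTED_PAGE, CAPTIVE_PORTAL, None):
        print(connection_state(False, False, lambda b=body: b))
```

A pattern as loose as `.` would accept the constructed captive-portal page as proof of connectivity, which is why the expression should match content that only the intended server returns.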