A service policy allows you to associate network idle timers on firewall contexts and rules.
You can discover a service policy on a BIG-IP® device version 12.0 or later, or create one on a BIG-IQ® system using the Network Security Policy Editor and then deploy it to a BIG-IP device version 12.0 or later.
A service policy contains a timer policy, also known as a firewall idle timer, which contains timer rules that can be associated with firewall contexts and rules. A service policy can be applied to the global, self IP address, or route domain context. It can also be added to a rule in a rule list, or a rule on a security policy. Service policies and timer policies are created separately, and then the timer policies are added to service policies.
Enter 0 as the port value to specify all other ports that have not been specified using Port or Port Range.
|If the rule is in a rule list:||On the left, click Rule Lists, and then click the name of the rule list containing the rule. The rules are listed on the Rules tab.|
|If the rule is associated with a policy:||On the left, click Firewall Policies, and then click the name of the policy containing the rule. The rules are listed on the Rules & Rule Lists tab.|
|Add the service policy by typing.||Type the name of the service policy in the Service Policy column for the rule. The system completes name of the service policy once you begin typing the name.|
|Add the service policy by drag and drop.||In the Shared Resources area, select Service Policies, and then drag the service policy from that list and drop it into the Service Policy column for the rule.|