A service policy allows you to associate network idle timers (timer policies) or port misuse policies on firewall contexts and rules.
You can discover a service policy on a BIG-IP® device version 12.0, or later. Or you can create one on a BIG-IQ® Centralized Management system using the Network Security policy editor, and then deploy it to a BIG-IP device version 12.0, or later. You can apply a service policy to the global, self IP address, or route domain context. You can also add it to a rule in a rule list, or to a rule on a security policy.
A service policy can contain timer policies or port misuse policies, or both. You create service policies, timer policies, and port misuse policies separately, and then you add the timer policies or port misuse policies to the service policies.
Enter 0 as the port value to specify all other ports that have not been specified using Port or Port Range.
|If the rule is in a rule list:||On the left, click Rule Lists, and then click the name of the rule list containing the rule. The rules are listed on the Rules tab.|
|If the rule is associated with a policy:||On the left, click Firewall Policies, and then click the name of the policy containing the rule. The rules are listed on the Rules & Rule Lists tab.|
|Add the service policy by typing.||Type the name of the service policy in the Service Policy column for the rule. The system completes name of the service policy once you begin typing the name.|
|Add the service policy by drag and drop.||In the Shared Resources area, select Service Policies, and then drag the service policy from that list and drop it into the Service Policy column for the rule.|