which rules will the connection templates be generated in SecureXL?

Review the Rule Base displayed.
For which rules will the connection templates be generated in SecureXL?

A.
Rules 2 and 5

B.
Rules 2 through 5

C.
Rule 2 only

D.
All rules except Rule 3

11 Comments on “which rules will the connection templates be generated in SecureXL?

  1. CPUG says:

    C is Correct Answer! (Rule 3 in this question is of action “Client Auth”)

    If the Rule Base contains a rule regarding one of the following components, the Connection Templates will be disabled for connections matching this rule, and for all of the following rules:

    Security Server connections.
    Time objects in the rules.
    Dynamic Objects and/or Domain Objects.
    Services of type “other” with a match expression.
    User/Client/Session Authentication actions.
    Services of type RPC/DCERPC/DCOM.

    When installing a policy containing restricted rules, you will receive console messages indicating that Connection Templates will not be created due to the rules that have been defined. The warnings should be used as a recommendation that will assist you to fine-tune your policy in order to optimize performance.

  2. Imran says:

    Connection templates will be generated for simple TCP or UDP connections. eg a user connection with different source ports to a webserver on port 80. Connection Templates is part of the SecureXL (aka Performance Pack)technology

  3. Josh says:

    Rule 1 and 6 are drop rules, so they might create drop templates, but never could they create connection templates, impossible.
    Rule 2 can create connection templates, no one doubts.
    Rule 3 and following: CPUG gave the right explanation.


Leave a Reply

Your email address will not be published. Required fields are marked *