Citrix Systems Network Router 9.2 User Manual

•

Protocol. The protocol of the connections that this policy will filter. 
This can be HTTP, SSL, TCP, or IP. 

•

Qualifier. The aspect of the protocol that the policy should consider. 
The list of valid qualifiers varies depending on which protocol you 
chose. For a list of all valid qualifiers for each Protocol, and a 
description of each, see 

.

•

Operator. The symbol that describes the condition you want the 
Application Firewall to test. For a list of all valid operators and a 
description of each, see 

.

•

Value. The text or number that the expression is comparing to the 
current connection to determine whether it matches the policy or not. 
For example, if you are testing the URL header to see if it contains 
the subdomain shopping.example.com, you type the string 
shopping.example.com

. If you are testing the length of the URL 

header to see if it is greater than 1024 characters, you type the 
number 1024.

•

Header Name. If you chose HEADER as your Qualifier, you must 
also include the name of the header that contains the attribute or 
string you want the NetScaler appliance to use for the test. 

Depending on the policy type, you can bind the policy either globally or to a 
virtual server. Policy bind points are described in the table, 

.

You can bind the same classic policy to multiple bind points. 

1.

If the policy can be bound globally, click Global Bindings.

2.

To bind the policy, select Insert Policy, and then click the name of the 
policy that you want to bind.

3.

In the Priority field, type the priority value.

The lower the number, the sooner this policy is evaluated relative to other 
policies. For example, a policy assigned a priority of 10 is performed before 
a policy with a priority of 100. You can use the same priority for different 
policies. All features that use classic policies implement only the first