System Policy Rules

System policy rules are predefined policy rules that allow specific types of requests from the Local Host network (the Forefront TMG computer) to reach specified destinations, or allow specific types of requests from specified sources to reach the Local Host network.

Each system policy rule is represented by an FPCPolicyRule object contained in the read-only FPCSystemPolicyRules collection accessed through the PolicyRules property of the FPCSystemPolicy object for the array.

Each system policy rule also belongs to a predefined group of system policy rules that apply to a specific service and can be configured together. Such a group is called a system policy configuration group, which is represented by an FPCSystemPolicyConfigGroup object.

An instance of the FPCSystemPolicyConfigGroup object for a specific configuration group can be created by calling the CreateConfigurationGroupInstance method of the FPCSystemPolicy object for the array.

Some properties of a system policy rule can be modified by modifying the properties of the FPCSystemPolicyConfigGroup object representing the configuration group to which the system policy rule belongs. In particular, the Enabled property of this object can be used to enable or disable a system policy rule.

On the other hand, logging is enabled or disabled for a system policy rule using the EnableLogging property of the corresponding FPCPolicyRule object.

Unlike other policy rules, system policy rules are not deleted when a new network template is applied to an array.

Send comments about this topic to Microsoft

Build date: 11/30/2009

© 2008 Microsoft Corporation. All rights reserved.