Docs
ulb
Classic Load Balancer CLB
Operation Guide
Security Policy
Security Policy Management

Security Policy Management

Creating a Security Policy

Operation Steps

  1. Go to the Load Balancer ULB page, click Security Policy Management

  2. Click Create Security Policy, the creation window for security policy pops up.

  3. You need to fill in the following information:

ConfigurationDescription
NameRequired, the name of the security policy.
Minimum version of TLSRequired, the minimum supported TLS version, options are TLSv1, TLSv1.1, and TLSv1.2.
Suite of encryption algorithmRequired, please refer to Security Policy for the supported encryption suites.

Deleting a Security Policy

Operation Steps

Go to the Load Balancer ULB page, click Security Policy Management.

Security policies bound to VServer and predefined security policies cannot be deleted.

Deleting a Single Security Policy

  1. Choose the security policy you want to delete and click Delete.

  2. The popup window shows the information of the selected security policy, confirm if it is the one you want to delete.

  3. Click Confirm to complete the deletion process.

Deleting Multiple Security Policies

  1. Batch select the security policies you want to delete by checking the box on the left, click Delete above.

  2. The popup window shows the information of the selected security policies, confirm if they are the ones you want to delete.

  3. Click Confirm to complete the deletion process.

Editing a Security Policy

Operation Steps

Go to the Load Balancer ULB page, click Security Policy Management.

Predefined security policies cannot be edited.

Editing a Security Policy

  1. Choose the security policy you want to edit and click Edit.

  2. Make modifications and click Confirm to complete the operation.

Configuration Instructions

  1. Name, Required. If unchanged, the original name will be kept.

  2. Minimum version of TLS, Required. If unchanged, the original minimum TLS version will be kept.

  3. Suite of encryption algorithm, Required. If unchanged, the original suite of encryption algorithm will be kept.

Binding/Unbinding a Security Policy

The current security policy feature only supports usage in the HTTPS protocol VServer under the request proxy-type CLB.

The security policy feature is currently only in public testing in some regions. If the CLB instance has not yet been publicly tested, it will not be possible to bind or use the created security policy. Please contact technical support if needed.

Binding a Security Policy

  1. Enter the VServer Management page, click Add VServer or Change VServer to set VServer configuration.

  2. Select HTTPS as the protocol, and click on the dropdown box beside Security Policy to choose a predefined or custom security policy.

Unbinding a Security Policy

  1. Enter the VServer Management page, click Change VServer to set VServer configuration.

  2. Click on the dropdown box beside Security Policy and choose Native Policy to unbind an already bound predefined or custom security policy. For more information on native policy, refer to Security Policy.

Unbinding All VServers

  1. Go to the Load Balancer ULB page, click Security Policy Management.

  2. Select the security policy you want to unbind, click Unbind all VServers.

  3. The popup window shows the information of the selected security policy, confirm if you want to unbind all VServers of this security policy.

  4. Click Confirm to finish the unbinding operation.

Security Policy DescriptionPublic Network Firewall