It was interesting to read about the unified policy. What is the best method to use it?
First of all, please note that while creating unified policies is supported through the R80 Security Management Server, only R80.10 and above Gateways will be able to support it. Attempting to install such policies on Pre-R80 GW's will fail during policy verification.
The next-generation security management allows to combine firewall, application control, data awareness in one "access control" rulebase. What you need to do is edit your policy, edit the access control layer, and check all the relevant blades.
Then, your rulebase will have new available columns: "Services & Applications", and "Data". In the "Services & Applications", where you normally select Services in your Firewall rulebase, you will also be able to select web applications, as well as mobile access applications. In the "Data" column you will be able to select individual data types, and the upload/download direction. Enforcement will then only apply to the granular selection of this rule.
The "Track" column will also include options to include more information regarding the connection, with regard to the selected applications and data:
In the world of Threat Prevention, such unification can happen with the use of the Profiles. Enable multiple blades on a profile - IPS, Anti-Bot, Threat Extraction, and place it in a rule related to a scope in your organization. While Pre-R80 Gateways must have separate rulebases for IPS and Anti Malware, the next versions of these Gateways will support unifying them.
Retrieving data ...