All Products
Search

This Product

    Secure Access Service Edge:Configure a trigger template

    Document Center

    Secure Access Service Edge:Configure a trigger template

    Last Updated:Mar 13, 2025

    Secure Access Service Edge (SASE) allows you to configure custom trigger templates and baseline elements. Then, when you configure trigger conditions in a dynamic policy, you can select an existing trigger template.

    Background information

    The dynamic decision-making feature of SASE can detect and respond to security threats in real time, and automatically adjust security measures. You need to configure a dynamic policy to implement dynamic decision-making. If a device triggers the dynamic policy, the system handles the device.

    Configure a trigger template

    1. Log on to the SASE console.

    2. In the left-side navigation pane, choose Dynamic Decision-making > Trigger Templates.

    3. On the Trigger Templates tab, click Create Template.

    4. In the Create Template panel, configure the parameters. The following table describes the parameters.

      Parameter

      Description

      Template Name

      Enter a name for the template. The name must be 2 to 32 characters in length, and can contain letters, digits, hyphens (-), and underscores (_).

      Trigger Settings

      Configure one or more trigger conditions and specify a logical operator for the trigger conditions. For more information, see Trigger Settings parameters.

      image

    5. Click OK.

    You can perform the following operations on a trigger template:

    • Filter: You can search for a trigger template by Template Name.

    • Edit: You can find the trigger template that you want to manage and click Details in the Actions column. In the Details panel, you can modify the configurations of the trigger template.

    • Delete: You can find the trigger template that you want to manage and click Delete in the Actions column.

    Configure baseline elements

    The system provides four built-in baseline elements for compliance baseline-related trigger conditions in a dynamic policy. You can configure the built-in baseline elements to simplify trigger condition settings.

    1. Log on to the SASE console.

    2. In the left-side navigation pane, choose Dynamic Decision-making > Trigger Templates.

    3. In the upper-left corner of the Baseline Element tab, click the Windows drop-down list to select an operating system for which you want to configure baseline elements.

      image

    4. Find the baseline element that you want to manage and click Configure in the Actions column. In the Configure panel, configure the parameters. The following table describes how to configure the built-in baseline elements.

      Baseline element

      Description

      Applicable operating system

      High-risk Port Enabled

      Configure the numbers of ports that must be disabled.

      Windows and macOS

      High-risk Software Used

      Select high-risk software that cannot be used. Apart from the default software options, you can add other software options. For more information about how to add software to a blacklist, see Software blacklist.

      Windows and macOS

      Antivirus Software Disabled

      Select one or more from the built-in antivirus software options. You cannot add other antivirus software options.

      Windows and macOS

      Windows Automatic Updates Not Enabled

      Retain the default configuration. This baseline element checks whether Windows automatic updates are enabled.

      Windows