A Cisco VNMC firewall policy is a set of firewall attributes. The attributes in a firewall policy are as follows:
Policy set—The policy set contains
the policy, the rule, the zone, and the object group. Once the policy set is created, it can be assigned to a security
profile. An existing default policy set is automatically assigned at system boot up.
Policy—A policy contains rules. A policy can contain rules that can be ordered. An existing default policy is automatically assigned at system boot up. The default policy has a default rule that has an action as drop.
Rule—A rule contains the conditions for regulating traffic. The default policy has a default rule that has an action as drop. Conditions for a rule can be
set using the network, custom, and virtual machine attributes.
Object group—An object group object can be created under an organization node. It defines a collection of condition expressions on a specific system defined or on a custom attribute. An object group can be referred in a policy rule condition when a member or not-member operator is selected. The rule condition referring to the object group evaluates to true if any of the expressions in the object group evaluate to true.
Zone—A zone defines a set of virtual machines based on
conditions. The zone name is
used in the authoring rules.
Firewall policies are created and then pushed to the Cisco VSG.
Security Profiles
A Cisco VNMC security profile is a set of custom security attributes. The security profile is added to
the port profile for the Nexus 1000V VSM. The port profile is assigned to the Nexus 1000V VSM vNic, making the security profile part
of the virtual machine (VM). Adding a security profile to the VM allows the addition of custom
attributes to the VM. Firewall rules can be written using custom
attributes such that traffic between VMs can be allowed to pass or
be dropped.
There is a preconfigured default security
profile at root level. The default security profile points to the
default policy set. The default security profile can be edited but
cannot be deleted.
VNMC Security Profile Dictionary
A Cisco VNMC security profile dictionary is a logical collection of security attributes. You define dictionary attributes for use in a security profile.
A security profile dictionary is created at the root or tenant node. New dictionaries are created by right-clicking on the appropriate root or tenant level. You can only create one dictionary for a tenant and only one dictionary for the root.
The security profile dictionary allows the user to define names of custom attributes. Custom attribute values are specified on security profile objects. Custom attributes can be used to define policy rule conditions. Attributes configured in a root level dictionary can be used by any tenant. Creation of a dictionary below tenant level is not supported.
Configuring Firewall Policies
Configuring Object Groups
Adding an Object Group
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root.
Step 4
Click the Object Groups node where you want to add an object group.
Note
You can add the component at any organizational level.
Step 5
In the Work pane, click the Add Object Group link.
Step 6
In the Add Object Group dialog box General tab area, complete the following fields:
Name
Description
Name field
The name of the object group.
This name can be between 1 and 32 identifier characters. You can use alphanumeric characters including hyphen, underscore, dot, and colon. You cannot change this name after it is saved.
Description field
A user-defined description of the object group.
Step 7
Click
OK.
Adding an Object Group Expression
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root.
Step 4
Select Object Groups > Object Group_name where you want to add an object group expression.
Note
You can add the component at any organizational level.
Step 5
In the Work pane, click the Expressions tab.
Select an attribute type from the Attribute Type drop-down list.
Select an attribute name from the Attribute Name drop-down list.
In the Expressions area, click the Add link, and complete the fields as appropriate:
Name
Description
Attribute Name drop-down list
A drop-down list that allows you to select an attribute name.
Operator drop-down list
A drop-down list that allows you to select an operator.
Attribute Value field
Attribute value to use that depends on the attribute name you have chosen.
Click OK.
Step 6
In the Work pane, click
Save.
Editing an Object Group
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Object Groups node.
Step 4
In the Work pane, click the Object Group_name to edit.
Step 5
Click the Edit link.
Step 6
In the Edit Object Group dialog box General tab area, edit the appropriate field:
Name
Description
Name column
A name for the component.
Description column
A user-defined description of the component.
Step 7
Click
OK.
Editing an Object Group Expression
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root and view the appropriate Object Groups > Object Group_name.
Step 4
In the Work pane, click the Expressions tab.
Step 5
In the Expressions area, click the expression you want to edit.
Step 6
Click the Edit link to open the Edit Object Group Expression dialog box.
Step 7
Make the appropriate changes, and click OK.
Deleting an Object Group
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies tab.
Step 3
In the Navigation pane, expand Firewall Policy > root to display the appropriate Object Groups node.
Step 4
In the Work pane, click the Object Group_name you want to delete.
Step 5
Click the Delete link.
Step 6
In the Confirm dialog box, click Yes.
Deleting an Object Group Expression
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Object Groups.
Step 4
In the Work pane, click the Object Group_name where you want to delete an expression.
Step 5
In the Work pane, click the Expressions tab.
Step 6
In the Expressions area, click the object group expression you want to delete.
Step 7
In the Confirm dialog box, click Yes.
Configuring a Policy
Adding a Policy
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to display the appropriate Policies node.
Note
You can add the component at any organizational level.
Step 4
In the Work pane, click the Add Policy link.
Step 5
In the Add Policy dialog box, complete the following fields:
Name
Description
Name field
The name of the rule-based policy.
This name can be between 1 and 32 identifier characters. You can use alphanumeric characters including hyphen, underscore, dot, and colon. You cannot change this name after it is saved.
Description field
A user-defined description of the rule-based policy.
Step 6
Click
OK.
Editing a Policy
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to display the appropriate Policies node.
Step 4
In the Work pane, click the Policy_name you want to edit.
Step 5
In the Edit Policy dialog box, make the appropriate changes.
Step 6
Click
OK.
Deleting a Policy
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to display the appropriate Policies node.
Step 4
In the Work pane, click the Policy_name you want to delete.
Step 5
In the Work pane, click the Delete link.
Step 6
In the Confirm dialog box, click Yes.
Adding a Rule
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view and select the appropriate Policies > Policy_name.
Note
You can add the component at any organizational level.
Step 4
In the Work pane, click the Rules tab.
Step 5
In the Work pane, click the Add Rule link.
Step 6
In the Add Rule dialog box, click the General tab, and complete the following fields:
Name
Description
Name field
The name of the rule.
This name can be between 1 and 32 identifier characters. You can use alphanumeric characters including hyphen, underscore, dot, and colon. You cannot change this name after it is saved.
Description field
A user-defined description of the rule.
Action to take radio buttons
This can be:
drop
permit
log check box
A check box to enable logging.
Protocol check box
The protocol to use.
Depending upon your check box selection, additional drop-down lists and fields may appear for selection.
Ether Type check box
The EtherType to use.
Depending upon your check box selection, additional drop-down lists and fields may appear for selection.
Step 7
In the Add Rule dialog box, click the Source and Destination Condition tab.
Click the
Add link in the Source Conditions area, and complete the following fields:
Name
Description
Attribute Type drop-down list
This can be:
Network—These are source and destination IP addresses, port and protocol, EtherType and application
VM—Attributes defined on a virtual machine
Custom—User-defined attributes that are defined in an attribute dictionary. Custom attribute values are specified on security profiles.
Expression Area
Name
Description
Attribute Name drop-down list
A drop-down list that allows you to select an attribute name.
Operator drop-down list
A drop-down list that allows you to select an operator.
Note
Depending upon the Operator value selected, different values for selection are displayed in the Expression area following the Operator value field.
Attribute Value field
Depending upon the attribute name selected, an attribute value must
be entered.
Click OK.
Click the
Add link in the Destination Conditions area, and complete the following fields in the Add Destination Condition dialog box:
Important:
The inspection for FTP, TFTP, and RSH protocols will work only if the rule destination condition is configured with a Network Port equal (eq) operator.
Name
Description
Attribute Type drop-down list
This can be:
Network—These are source and destination IP addresses, port and protocol, EtherType and application
VM—Attributes defined on a virtual machine
Custom—User-defined attributes that are defined in an attribute dictionary. Custom attribute values are specified on security profiles.
Expression Area
Name
Description
Attribute Name drop-down list
A drop-down list that allows you to select an attribute name.
Operator drop-down list
A drop-down list that allows you to select an operator.
Note
Depending upon the Operator value selected, different values for selection are displayed in the Expression area following the Operator value field.
Attribute Value field
Depending upon the attribute name selected, an attribute value must
be entered.
Click OK.
Step 8
In the Add Rule dialog box, click OK.
Step 9
In the Work pane, click Save.
Editing a Rule
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policies > Policy_name.
Step 4
In the Work pane, click the Rules tab.
Step 5
In the Work pane, click the Rule_name you want to edit.
Step 6
Click the Edit link.
Step 7
In the Edit Rule dialog box General tab area, make the appropriate changes.
Step 8
In the Edit Rule dialog box Source and Destination Condition tab area, make the appropriate changes or add new source or destination conditions as required.
Step 9
Click
OK.
Step 10
In the Policy_name pane, click Save.
Deleting a Rule
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policies > Policy_name.
Select the Policy_name that contains the rule you want to delete.
Step 4
In the Work pane, click the rule you want to delete.
Step 5
In the Work pane, click the Delete link.
Step 6
In the Confirm dialog box, click Yes.
Deleting a Source or a Destination Condition
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policies > Policy_name.
Select the Policy_name that contains the source or destination condition you want to delete.
Step 4
In the Work pane, click the Rules tab.
Step 5
Click the Rule_name where you want to delete a source or a destination condition.
Step 6
Click the Edit link.
Step 7
In the Edit dialog box Source and Destination Condition tab area, click the condition you wnat to delete.
Step 8
In the Work pane, click the Delete link.
Step 9
In the Confirm dialog box, click Yes.
Configuring a Policy Set
Adding a Policy Set
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policy Sets node.
Note
You can add the component at any organizational level.
Step 4
In the Work pane, click the Add Policy Set link.
Step 5
In the Add Policy Set dialog box, General tab area, complete the following fields:
Name
Description
Name field
The name of the policy set.
This name can be between 1 and 32 identifier characters. You can use alphanumeric characters including hyphen, underscore, dot, and colon. You cannot change this name after it is saved.
Description field
A user-defined description of the policy set.
Step 6
In the Add Policy Set dialog box, click
OK.
Assigning a Policy
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policy Sets > Policy Set_name.
Select the Policy Set_name where you want to assign a policy.
Step 4
In the Work pane, click the Policies tab.
Step 5
Click the Assign Policy link.
Step 6
In the Assign Policy dialog box, do the following:
Select the appropriate policy.
Click
OK.
Step 7
In the Work pane, click
Save.
Editing a Policy Set
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policy Sets node.
Step 4
In the Work pane, click the Policy Set_name you want to edit.
Step 5
In the Work pane, click the Edit link.
Step 6
In the Edit Policy Set dialog box, click the General tab, and change the appropriate fields:
Name
Description
Name field
A name for the component.
Description field
A user-defined description of the component.
Step 7
In the Edit Policy Set dialog box, click the Policies tab.
Step 8
Use the Up and Down arrows to rearrange the policies as required.
Step 9
(Optional) You may delete policies if required.
Step 10
In the Edit Policy Set dialog box, click
OK.
Deleting a Policy Set
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policy Sets node.
Step 4
In the Work pane, click the Policy Set_name you want to delete.
Step 5
In the Work pane, click the Delete link.
Step 6
In the Confirm dialog box, click Yes.
Deleting an Assigned Policy
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Policy Sets > Policy Set_name.
Select the Policy Set_name that contains the assigned policy you want to delete.
Step 4
In the Work pane Policies tab area, click the Policy_name you want to delete.
Step 5
Click the Delete link.
Step 6
In the Confirm dialog box, click Yes.
Configuring Zones
Adding a Zone
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Zones node.
Note
You can add the component at any organizational level.
Step 4
In the Work pane, click the Add Zone link.
Step 5
In the Add Zone dialog box General tab area, complete the following fields:
Name
Description
Name field
The name of the zone.
This name can be between 1 and 32 identifier characters. You can use alphanumeric characters including hyphen, underscore, dot, and colon. You cannot change this name after it is saved.
Description field
A user-defined description of the zone.
Step 6
Click the Conditions tab.
Step 7
Click the Add link.
Step 8
In the Add Zone Condition dialog box, do the following:
Select an attribute type from the Attribute Type drop-down list.
In the Expression area, complete the following fields:
Name
Description
Attribute Name drop-down list
Depending upon the attribute type selected, a different set of choices are available.
Operator drop-down list
Depending upon the attribute type selected, a different set of choices are available.
Attribute Value field
Depending upon the attribute type selected, a different set of choices are available.
Click OK.
Step 9
In the Add Zone dialog box, click OK.
Editing a Zone
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Zones node.
Step 4
In the Work pane, click the Zone_name you want to edit.
Step 5
In the Work pane, click the Edit link.
Step 6
In the Edit Zone dialog box General tab area, change the appropriate fields:
Name
Description
Name column
A name for the component.
Description column
A user-defined description of the component.
Step 7
In the Edit Zone dialog box Conditions tab area, do the following:
Use the Up and Down arrows to rearrange the attributes as required.
Click the Edit link to open the Edit Zone Condition dialog box, and make the appropriate changes in the following fields, as available:
Name
Description
Attribute Type drop-down list
This can be:
Network
VM
Custom
Name
Description
Attribute Name drop-down list
Depending upon the attribute type selected, a different set of choices are available.
Operator drop-down list
Depending upon the attribute type selected, a different set of choices are available.
Attribute Value field
Depending upon the attribute type selected, a different set of choices are available.
Click OK.
Step 8
In the Edit Zone dialog box, click OK.
Deleting a Zone
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to display the appropriate Zones node.
Step 4
In the Work pane, click the Zone_name you want to delete.
Step 5
Click the Delete link.
Step 6
In the Confirm dialog box, click Yes.
Deleting a Zone Condition
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Firewall Policy > root to view the appropriate Zones > Zone_name.
Select the Zone_name that contains the condition you want to delete.
Step 4
In the Work pane, click the Conditions tab.
Step 5
Click the condition you want to delete.
Step 6
Click the Delete link.
Step 7
In the Confirm dialog box, click Yes.
Configuring Security Profiles
Adding a Security Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile > root to view the appropriate Security Profiles node.
Note
You can add the component at any organizational level.
Step 4
In the Work pane, click the Add Security Profile link.
Step 5
In the General tab area, complete the following fields:
Name
Description
Name field
The name of the Security Profile.
Description field
A user-defined description of the Security Profile.
Policy Set drop-down list
A user-created list of policy sets from which to select.
Step 6
In the Add Security Profile dialog box Attribute tab area, do the following:
Click the Add link.
In the Add Security Profile Attribute dialog box, complete the following fields:
Name
Description
Name field
An available selection of attribute names from the Security Profile Dictionary.
Value field
A user-defined description of the Security Profile Dictionary attribute.
Click
OK.
Step 7
In the Add Security Profile dialog box, click
OK.
Editing a Security Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile > root to view the appropriate Security Profiles node.
Step 4
In the Work pane, click the Security Profile_name you want to edit.
Step 5
In the Work pane, click the Edit link.
Step 6
In the Edit Security Profile dialog box General tab area, make the appropriate changes:
Name
Description
Name field
The name of the Security Profile.
Description field
A user-defined description of the object.
Policy Set drop-down list
A selectable drop-down list of Policy Sets.
Step 7
In the Edit Security Profile dialog box Attribute tab area, do the following:
Click the Edit link.
Click the attribute you want to edit.
In the Edit Security Profile Attribute dialog box, make the appropriate changes:
Name
Description
Name field
An available selection of attribute names from the Security Profile Dictionary.
Value field
A user-defined description of the Security Profile Dictionary attribute.
Click
Apply.
Click
OK.
Step 8
In the Edit Security Profile dialog box, click
OK.
Deleting a Security Profile
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile > root to view the appropriate Security Profiles node.
Step 4
In the Work pane, click the Security Profile_name you want to delete.
Step 5
In the Work pane, click the Delete link.
Step 6
In the Confirm dialog box, click OK.
Deleting a Security Profile Attribute
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile > root to view the appropriate Security Profiles > Security Profile_name.
Step 4
Click the Security Profile_name where you want to delete a Security Profile attribute.
Step 5
In the Work pane, click the Attribute tab.
Step 6
In the Work pane, select the attribute you want to delete.
Step 7
Click the Delete link.
Step 8
In the Confirm dialog box, click Yes.
Configuring Security Profile Dictionary
Adding a Security Profile Dictionary
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile Dictionary > root to click on the appropriate node where you want to add a security profile dictionary.
Note
Creation of a security profile dictionary is supported at the root and Tenant levels.
Step 4
In the Work pane, click the Add Security Profile Dictionary link.
Step 5
In the Add Security Profile Dictionary dialog box General tab area, complete the following fields:
Name
Description
Name field
The name of the Security Profile Dictionary.
Description field
A user-defined description of the object.
Step 6
Click
OK.
Adding a Security Profile Dictionary Attribute
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile Dictionary > root to view and select the appropriate Security Profile Dictionary_name.
Step 4
In the Work pane, click the Attribute tab.
Step 5
In the Work pane, click the Add link.
Step 6
In the Add Security Profile Dictionary Attribute dialog box, complete the following fields:
Name
Description
Name field
The name of the Security Profile Dictionary attribute.
Description field
A user-defined description of the object.
Step 7
Click
OK.
Editing a Security Profile Dictionary
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile Dictionary > root to view and select the appropriate node where you want to edit a security profile dictionary.
Step 4
In the Work pane, click the Security Profile Dictionary_name you want to edit.
Step 5
In the Work pane, click the Edit link.
Step 6
In the Edit Security Profile Dictionary dialog box General tab area, complete the following fields:
Name
Description
Name field
The name of the Security Profile Dictionary.
Description field
A user-defined description of the object.
Step 7
Click
OK.
Editing a Security Profile Dictionary Attribute
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile Dictionary > root to view the appropriate Security Profile Dictionary_name.
Step 4
In the Work pane, click on a Security Profile Dictionary_name.
Click the Security Profile Dictionary_name where you want to edit the Security Profile Dictionary attribute.
Step 5
In the Work pane, click the Edit link.
Step 6
In the Edit Security Profile Dictionary dialog box, click the Attribute tab.
Step 7
Click the Attribute_name you want to edit.
Step 8
Click the Edit link.
Step 9
In the Edit Security Profile Attribute dialog box, make the appropriate changes:
Name
Description
Name field
The name of the Security Profile Dictionary attribute.
Description field
A user-defined description of the object.
Step 10
Click
OK.
Step 11
In the Edit Security Profile Dictionary dialog box, click OK.
Deleting a Security Profile Dictionary
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile Dictionary > root to view and select the appropriate node where you want to delete a security profile dictionary.
Step 4
In the Work pane, click the Security Profile Dictionary_name you want to delete.
Step 5
In the Work pane, click the Delete link.
Step 6
In the Confirm dialog box, click OK.
Step 7
In the Work pane, click Save.
Deleting a Security Profile Dictionary Attribute
Procedure
Step 1
In the Navigation pane, click the Policy Management tab.
Step 2
In the Navigation pane, click the Security Policies subtab.
Step 3
In the Navigation pane, expand Security Profile Dictionary > root to view and select the appropriate Security Profile Dictionary_name.
Click the Security Profile Dictionary_name where you want to delete a Security Profile Dictionary attribute.
Step 4
In the Work pane, click the Attributes tab.
Step 5
In the Work pane, select the attribute you want to delete.