<p class="shortdesc"></p> <section><div class="tasklabel"><h2 class="doc-tairway">操作步骤</h2></div><ol class="ol steps"><li class="li step stepexpand"> <span class="ph cmd">登录<a class="xref" href="https://www.ocftcloud.com/console/microApp/edr/overview" target="_blank">EDR控制台。</a>。</span> </li><li class="li step stepexpand"> <span class="ph cmd">点击页面左下角<span class="ph uicontrol">管理</span>。</span> </li><li class="li step stepexpand"> <span class="ph cmd">在左侧导航栏，选择<span class="ph menucascade"><span class="ph uicontrol">资产管理</span><abbr> > </abbr><span class="ph uicontrol">微隔离</span></span>。</span> </li><li class="li step stepexpand"> <span class="ph cmd">在<span class="ph uicontrol">微隔离</span>页面，点击<span class="ph uicontrol">新增规则</span>页签。</span> </li><li class="li step stepexpand"> <span class="ph cmd">在<span class="ph uicontrol">新增微隔离</span>页面，配置相关信息，点击<span class="ph uicontrol">确定</span>，即可新规则。</span> <div class="itemgroup info"> <table class="table" id="dc_edr_cfg_0061__table_ky5_kcz_q5b"><caption></caption><colgroup><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1"><strong class="ph b">参数</strong></th> <th class="entry" id="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2"><strong class="ph b">说明</strong></th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">策略类型</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <div class="p"> <ul class="ul" id="dc_edr_cfg_0061__ul_ly5_kcz_q5b"> <li class="li">入站：规则仅应用于入站连接，即访问本机的请求。</li> <li class="li">出站：规则仅应用于出站连接，即本机向外发送的请求。</li> <li class="li">双向：规则应用于入站及出站两种连接。</li> </ul> </div> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">本地IP</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">通常是*，多网卡配置不同规则的情况填入具体地址。</p> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">本地端口</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">要限制本机访问其他主机填*，限制其他主机访问本机则填入被访问的相应端口或*（代表全部端口）。</p> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">远程IP</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">远程主机的IP地址或地址段。</p> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">远程端口</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">要限制本机去访问远程主机的端口则填入相应端口或*（代表全部端口），限制远程主机对本机发起访问则填*。</p> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">协议类型</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">通常默认为所有。</p> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">处理方式</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">放行或阻止，放行的优先级高于阻止，可用于屏蔽整段IP的访问再开放个别IP允许访问。</p> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">状态</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">开启则生效。</p> </td> </tr> <tr class="row"> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__1 "> <p class="p">应用资产</p> </td> <td class="entry" headers="dc_edr_cfg_0061__table_ky5_kcz_q5b__entry__2 "> <p class="p">本条策略应用的相应资产。</p> </td> </tr> </tbody></table> </div> </li></ol></section>