Create policy page

maxvp · maxvp · commit 03a299bf362c · 2024-10-23T14:12:36.000-05:00
diff --git a/src/content/docs/learning-paths/secure-internet-traffic/build-network-policies/create-policy.mdx b/src/content/docs/learning-paths/secure-internet-traffic/build-network-policies/create-policy.mdx
@@ -0,0 +1,33 @@
+---
+title: Create your first DNS policy
+pcx_content_type: learning-unit
+sidebar:
+  order: 1
+---
+
+import { Render } from "~/components";
+
+DNS policies determine how Gateway should handle a DNS request. When a user sends a DNS request, Gateway matches the request against your filters and either allows the query to resolve, blocks the query, or responds to the query with a different IP.
+
+You can filter DNS traffic based on query or response parameters (such as domain, source IP, or geolocation). You can also filter by user identity if you connect your devices to Gateway with the [WARP client or Cloudflare One Agent](/learning-paths/secure-internet-traffic/connect-devices/install-agent/). To learn more, refer to [DNS policies](/cloudflare-one/policies/gateway/dns-policies/).
+
+To create a new network policy:
+
+1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**.
+
+2. In the **Network** tab, select **Add a policy**.
+
+3. Name the policy.
+
+4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block.
+
+5. Choose an **Action** to take when traffic matches the logical expression. For example, we recommend adding a policy to block all [security categories](/cloudflare-one/policies/gateway/domain-categories/#security-categories):
+
+   <Render
+   	file="gateway/policies/block-security-categories"
+   	product="cloudflare-one"
+   />
+
+6. Select **Create policy**.
+
+For more information, refer to [DNS policies](/cloudflare-one/policies/gateway/dns-policies/).
diff --git a/src/content/docs/learning-paths/secure-internet-traffic/build-network-policies/index.mdx b/src/content/docs/learning-paths/secure-internet-traffic/build-network-policies/index.mdx
@@ -3,7 +3,6 @@ title: Build network security policies
 pcx_content_type: overview
 sidebar:
   order: 8
-
 ---
 
 After creating policies for security based on DNS resolution, we can layer in additional security controls with the Gateway network firewall, which operates at Layer 4 of the OSI model. The Gateway network firewall allows you to build specific policies to block users or services' ability to connect to endpoints at specific IPs or on specific ports. You can also use [Protocol Detection](https://developers.cloudflare.com/cloudflare-one/policies/gateway/network-policies/protocol-detection/) to block proxying specific protocols.
@@ -12,4 +11,5 @@ After creating policies for security based on DNS resolution, we can layer in ad
 
 By the end of this module, you will be able to:
 
-* Add recommended network security policies.
+- Creat your first Gateway network policy.
+- Add recommended network security policies.
diff --git a/src/content/docs/learning-paths/secure-internet-traffic/build-network-policies/recommended-network-policies.mdx b/src/content/docs/learning-paths/secure-internet-traffic/build-network-policies/recommended-network-policies.mdx
@@ -2,7 +2,7 @@
 title: Recommended network policies
 pcx_content_type: learning-unit
 sidebar:
-  order: 1
+  order: 2
 ---
 
 import { Details, GlossaryTooltip, Render } from "~/components";
