Go to Network > Network Profiles > Interface Mgmt to define an Interface Management profile.
Select the Services needed to be allowed from the list.
(Optional) Select the source IP addresses to configure the firewall.
Associate the Interface Management profile with the Interface (Network > Interfaces > Ethernet > Advanced Tab > Other Info).
Commit.
To have granular control of the IP addresses that can access the different management services, security policies can be configured to allow/deny this traffic. For example, Allow_SNMP rule, in the example below, allows only SNMP traffic from 100.100.100.100 to 1.1.1.1, which is the firewall interface. The rule Allow_SSH_HTTPS_Ping allows ping, ssh, and ssl to the interface address from any source.