Create Firewall rules that relate to inbound traffic in the inbound traffic Rule Base and rules that relate to outbound traffic in the outbound traffic Rule Base.
To create a Firewall rule:
Column | Description |
---|---|
NO | Rule priority number. Rule priority is important because a client checks firewall rules based on their sequence in the Rule Base. Rules are enforced from the top to the bottom. The last rule is usually a Cleanup Rule that says to drop traffic that does not match any of the previous rules. |
Name | Name of the Firewall Rule. |
Source or Destination | |
Service | Network protocol or service used by traffic. |
Action | What is done to traffic that matches the rule: Accept or Drop. |
Track | When the rule is enforced: |
Notes on configuring Tracking:
Firewall Rules and Domain Controllers
Important - When creating Firewall Rules for endpoint clients, create explicit rules that allow all endpoints to connect to all of the domain controllers on the network.
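
The following Python sketch is an added example, not Check Point code or a SmartEndpoint API. It models the top-to-bottom, first-match evaluation described for the NO column and reports any domain controller traffic that is not accepted before the Cleanup Rule drops it. The `Rule` class, the addresses and the service list (Kerberos, LDAP, DNS) are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:                 # hypothetical model of one Rule Base row
    no: int                 # priority number; lower is checked first
    name: str
    destination: str        # CIDR network, or "any"
    service: str            # e.g. "tcp/389", or "any"
    action: str             # "Accept" or "Drop"

def first_match(rules, dst_ip, service):
    """Return the first rule, top to bottom, that matches the connection."""
    for rule in sorted(rules, key=lambda r: r.no):
        dst_ok = rule.destination == "any" or (
            ipaddress.ip_address(dst_ip) in ipaddress.ip_network(rule.destination))
        svc_ok = rule.service in ("any", service)
        if dst_ok and svc_ok:
            return rule
    return None             # no Cleanup Rule present: nothing matched

def blocked_dc_traffic(rules, domain_controllers, services):
    """List (dc, service, rule name) for DC traffic that is not accepted."""
    blocked = []
    for dc in domain_controllers:
        for svc in services:
            rule = first_match(rules, dc, svc)
            if rule is None or rule.action != "Accept":
                blocked.append((dc, svc, rule.name if rule else None))
    return blocked

# Constructed sample data (assumptions, not values from the product).
DCS = ["10.0.0.10", "10.0.1.10"]
DC_SERVICES = ["tcp/88", "tcp/389", "udp/53"]   # Kerberos, LDAP, DNS
OUTBOUND = [
    Rule(1, "Allow DC site A", "10.0.0.10/32", "any", "Accept"),
    Rule(2, "Allow web", "any", "tcp/443", "Accept"),
    Rule(3, "Cleanup", "any", "any", "Drop"),
]

if __name__ == "__main__":
    # The second DC has no explicit rule, so it falls through to Cleanup.
    for dc, svc, name in blocked_dc_traffic(OUTBOUND, DCS, DC_SERVICES):
        print(f"{dc} {svc} is not accepted (matched rule: {name!r})")
```

Running the same check with a broad Drop rule placed above the domain controller rule shows the other failure mode: the explicit Accept exists but never matches because a higher-priority rule is enforced first.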
The same Network Objects and Services are used throughout the SmartEndpoint and in SmartConsole. When you create a new object, it is also available in SmartConsole. If you change an object in the SmartEndpoint or SmartConsole, it is changed everywhere that the object is used.
To create a Network Object:
To create a Service:
When you delete a rule, it is removed from the Rule Base and not enforced in the policy.
When you disable a rule, the rule is not enforced in the policy. The rule stays in the Rule Base with an X showing that it is disabled. Select Disable rule again to make the rule active.
To delete or disable a rule:
The rule is not physically deleted or disabled until you install the policy.