Watchguard Firebox X15 User Manual page 138
Firebox x edge e-series version 10 all firebox x edge e-series standard and wireless models
Hide thumbs
Also See for Firebox X15:
- User manual (266 pages) ,
- Quick start manual (2 pages) ,
- Reference manual (264 pages)
Table of Contents
Advertisement
Firewall Policies
About policy precedence
Precedence is the sequence in which the Firebox examines network traffic and applies a policy rule. The
Firebox automatically sorts policies from the most detailed to the most general. It compares the information
in the packet to the list of rules in the first policy. The first rule in the list to match the conditions of the packet
is applied to the packet. If the detail level in two policies is equal, a proxy policy always takes precedence over
a packet filter policy.
For example, if you want to deny most FTP traffic, but you want to allow it from one IP address, you set the
common packet filter for FTP to No Rule. Because there is no lower precedence, the default action is to deny
the packet. Then you create a new FTP packet filter that applies only to that IP address and set the rule to
Allow. Because the new packet filter applies only to one IP address, it is more detailed and therefore a higher
precedence.
126
Firebox X Edge e-Series
Hide quick links:
Advertisement
Table of Contents
