About the firewall rule, firewall setting, and intrusion prevention processing order

Article:HOWTO54968  |  Created: 2011-06-29  |  Updated: 2011-12-20  |  Article URL http://www.symantec.com/docs/HOWTO54968
Article Type
How To



Firewall rules are ordered sequentially, from highest to lowest priority, or from top to bottom in the rules list. If the first rule does not specify how to handle a packet, the firewall inspects the second rule. This process continues until the firewall finds a match. After the firewall finds a match, the firewall takes the action that the rule specifies. Subsequent lower-priority rules are not inspected. For example, if a rule that blocks all traffic is listed first, followed by a rule that allows all traffic, the client blocks all traffic.

You can order rules according to exclusivity. The most restrictive rules are evaluated first, and the most general rules are evaluated last. For example, you should place the rules that block traffic near the top of the rules list. The rules that are lower in the list might allow the traffic.
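The first-match behavior and the ordering advice above can be checked with a small model. The following Python is an added example, not code from the product or from this article: the Rule fields (remote network, port), the sample rules, and the default action for unmatched packets are assumptions made for illustration. It evaluates a rule list top to bottom and reports rules that can never be reached because an earlier rule matches everything they match.

```python
# Simplified first-match model for illustration; not the product's rule engine.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    action: str           # "allow" or "block"
    remote: str           # remote network in CIDR form; 0.0.0.0/0 means any
    port: Optional[int]   # remote port; None means any

    def matches(self, ip: str, port: int) -> bool:
        return ip_address(ip) in ip_network(self.remote) and self.port in (None, port)

    def covers(self, other: "Rule") -> bool:
        """True when every packet `other` matches is also matched by this rule."""
        return (ip_network(other.remote).subnet_of(ip_network(self.remote))
                and (self.port is None or self.port == other.port))

def evaluate(rules, ip, port, default="block"):
    """Walk the list top to bottom; the first matching rule decides."""
    for rule in rules:
        if rule.matches(ip, port):
            return rule.action, rule.name
    return default, None  # assumed fallback for this model only

def shadowed(rules):
    """List (rule, earlier rule) pairs where the later rule can never be reached."""
    found = []
    for i, rule in enumerate(rules):
        earlier = next((e for e in rules[:i] if e.covers(rule)), None)
        if earlier is not None:
            found.append((rule.name, earlier.name))
    return found

# Constructed sample rules (names and addresses are made up).
BLOCK_ALL = Rule("block-all", "block", "0.0.0.0/0", None)
ALLOW_ALL = Rule("allow-all", "allow", "0.0.0.0/0", None)
BLOCK_TELNET = Rule("block-telnet", "block", "0.0.0.0/0", 23)
ALLOW_LAN = Rule("allow-lan", "allow", "10.0.0.0/8", None)

PAGE_EXAMPLE = [BLOCK_ALL, ALLOW_ALL]                 # the article's example
ORDERED = [BLOCK_TELNET, ALLOW_LAN, BLOCK_ALL]        # restrictive rules first
MISORDERED = [ALLOW_LAN, BLOCK_TELNET, BLOCK_ALL]     # general allow moved up

if __name__ == "__main__":
    print(evaluate(PAGE_EXAMPLE, "198.51.100.7", 443), shadowed(PAGE_EXAMPLE))
    print(evaluate(ORDERED, "10.1.2.3", 23), evaluate(MISORDERED, "10.1.2.3", 23))
```

shadowed() reports only rules that are fully covered by an earlier rule; the partial overlap in MISORDERED (port 23 from 10.0.0.0/8 is allowed before the block rule is reached) shows up only when the two orderings are evaluated against the same packet.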

The Rules list contains a blue dividing line. The dividing line sets the priority of rules when a subgroup inherits rules from a parent group.

See Changing the order of firewall rules.

See How a firewall works.

See How intrusion prevention works.


Legacy ID



v8642294_v59371755

