About inherited firewall rules

Article:HOWTO81231  |  Created: 2012-10-24  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO81231
Article Type
How To


Subject


About inherited firewall rules

A subgroup's policy can inherit only the firewall rules that are enabled in the parent group. When you have inherited the rules, you can disable them, but you cannot modify them. As the new rules are added to the parent group's policy, the new rules are automatically added to the inheriting policy.

When the inherited rules appear in the Rules list, they are shaded in purple. Above the blue line, the inherited rules are added above the rules that you created. Below the blue line, the inherited rules are added below the rules that you created.

A Firewall policy also inherits default rules, so the subgroup's Firewall policy may have two sets of default rules. You may want to delete one set of default rules.

If you want to remove the inherited rules, you remove the inheritance rather than delete them. You have to remove all the inherited rules rather than the selected rules.

The firewall processes inherited firewall rules in the Rules list as follows:

Above the blue dividing line

The rules that the policy inherits take precedence over the rules that you create.

Below the blue dividing line

The rules that you create take precedence over the rules that the policy inherits.

Figure: An example of how firewall rules inherit from each other shows how the Rules list orders rules when a subgroup inherits rules from a parent group. In this example, the Sales group is the parent group. The Europe Sales group inherits from the Sales group.

Figure: An example of how firewall rules inherit from each other

An example of how firewall rules inherit from each other

See Managing firewall rules

See Adding inherited firewall rules from a parent group.


Legacy ID



v9661308_v81626096


Article URL http://www.symantec.com/docs/HOWTO81231


Terms of use for this information are found in Legal Notices