The features and controls of the configuration pages for the Host and Forwarding Firewall rule sets have a similar interface structure. The main rules section in these pages displays access and application rules that are configured for use in your network. You can view, create, and edit your access rules on this page.
In this article:
The Forwarding Firewall Rule Set
The Forwarding Firewall rule set contains all forwarding access and application rules and provides access to the rules configuration. To open the Forwarding Firewall rule set, go to Config > Full Config > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.
The Forwarding Rules page is divided into the following sections:
- Main Rules Section – In the main rules table, you can view and edit the settings for your access or application rules.
- Configuration Menu – The left navigation pane on the page provides you with menu sections to configure your access rules.
- Main Rules Tab – This section lets you create additional rule lists.
- Editing Features – Use these features to edit the rule set.
Main Rules Section and Icons
In the main rules table, the settings for each access rule are organized in the following columns:
Column | Description | |
---|---|---|
Action | The action that is performed by the access rule. | |
Name | The name of the access rule. | |
Features | The features that have been applied to the access rule, as indicated by the following icons: | |
Icon | Feature | |
![]() | Dynamic Rule | |
![]() | Advanced rule parameter changed | |
![]() | Rule matches for swapped source and destination | |
![]() | Scheduled Rule | |
![]() | Generic TCP Proxy | |
![]() | No Source NAT | |
![]() | Authenticated User | |
![]() | No IPS | |
![]() | Custom IPS Policy | |
![]() | Default IPS Policy | |
![]() | Legacy Layer7 Application Control | |
![]() | Continue on Device Mismatch | |
![]() | Proxy ARP | |
![]() | No Application Control 2.0 Scan | |
![]() | Application Control 2.0 Scan without SSL Interception | |
![]() | Application Control 2.0 Scan with SSL Interception | |
![]() | AV scan | |
The following icons apply to application rules only: | ||
Icon | Feature | |
![]() | Application Filter Object | |
![]() | Application Object | |
![]() | Custom Application | |
![]() | Overridden Application | |
![]() | Native Application | |
Service | The service that applies to the access rule. For example, the IP protocol used or, with TCP/UDP, the relevant IP protocol and the port for the traffic. | |
Source | The source addresses that have been selected for the access rule. | |
Destination | The destination addresses that have been selected for the access rule. | |
Application Policy | The application policies that have been applied to the access rule. For more information, see Application Control 2.0. | |
User | The users who are affected by the access rule. | |
Schedule | Displays the times when the rule is applied. | |
QoS | Any traffic shaping settings. For more information, see How to Create and Apply QoS Bands. | |
IPS Policy | The IPS policy that is applied to the access rule. For more information, see Intrusion Prevention System (IPS). |
Main Rules Tab
The Main Rules tab section lets you create additional rule lists.
Editing Features and Icons
The editing features section on the top right of the page provides the following hotkeys that let you perform different actions:
Hotkey | Description |
---|---|
![]() | Show/hide inactive rules |
![]() | Show/select overlapping rules |
![]() | Move a rule down in the rule set |
![]() | Move a rule up in the rule set |
![]() | Delete a rule |
![]() | Edit a rule |
![]() | Add a new rule |
![]() | Add a new IPv6 rule |
![]() | Insert a new rule section |
![]() | Clone a rule |
For more information on the functionalities of the Forwarding Firewall rule set, see Forwarding Firewall.
Host Access Rule Set
You can view the host access rule set on the Host Firewall - Rules page. To open this page go to Config > Box > Infrastructure Services > Host access rules.
The Host Firewall - Rules page provides an interface very similar to the Forwarding Firewall and is divided into the following sections:
- Configuration Menu – The left navigation pane of the page provides you with menu sections to configure your access rules.
- Inbound and Outbound Table – In the table, you can view and edit the settings for all inbound and outbound host access rules. To switch between viewing the inbound and outbound rule sets, click the following tabs:
- Inbound – Shows all inbound Host access rules.
- Inbound-User – (Bound to the Inbound set) Shows a subset of inbound Host access rules.
- Outbound – Shows all outbound Host access rules.
- Outbound-User tab – (Bound to the Outbound set) Shows a subset of outbound Host access rules.
Main Rules Section and Icons
Below the Inbound and Outbound tabs, the settings for each access rule are organized into the following columns:
Column | Description | |
---|---|---|
Action | The action that is performed by the access rule | |
Name | The name of the access rule | |
Features | The features that have been applied to the access rule, as indicated by the following icons: | |
Icon | Description | |
![]() | No IPS | |
![]() | No Source NAT | |
![]() | Legacy Layer7 Application Control | |
Service | The service that applies to the access rule | |
Source | The source selected for the access rule | |
Destination | The destination selected for the access rule | |
Comment | (Optional) Comment | |
User | The users who are affected by the access rule | |
QoS | Any traffic shaping settings. For more information, see How to Create and Apply QoS Bands. | |
Schedule | Displays the times when the rule is applied. |
For more information on the functionalities of the host access rule set, see Host Firewall.