I'm configuring a firewall profile for my endpoint clients (v14.10).

I know that there is no order anymore in this firewall version, so rule 1 is not validated before rule 2 (which is strange for firewall rules).

I read somewhere that if you have a rule that allows something specific and you have a general rule that blocks everything, the specific rule (the allow rule) applies.

However, I would like to block a certain protocol in my network, but to some IP addresses the client should still be able to use that protocol.

So I have 2 rules: one that allows the protocol to that IP address and one that blocks everything.

And this does not work. I see in the log on the client device that the block rule blocks the connection to that specific IP over that protocol.


Any help?


Re: Policy Manager 14 Firewall

Hi Thomasvr,


There should be different rules for inbound and outbound.
For inbound, it should be enough to add only an allow rule for the customer IPs. All the rest should be blocked by default.
For outbound, you need to create 2 rules: one to block all IPs for a specific protocol, and one allowing specific IPs for it. It is also possible to have only one block rule with specified IP ranges that do not include the required IPs.
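To make the two behaviours in this thread concrete, here is an added example in Python; it is not code from the original posts and not Policy Manager's own rule format or evaluation algorithm. It models a rule set as the asker built it (a general block for one protocol plus a specific allow for one host) and evaluates it two ways: classic ordered evaluation, where the first matching rule wins and the block rule swallows the allowed host (the symptom seen in the client log), and an assumed order-independent "most specific match wins" model of the behaviour the reply relies on. It also computes the single-block-rule alternative from the reply: the ranges to block so that only the required IPs stay reachable. The rule names, `tcp/445`, and all IP addresses are constructed for illustration.

```python
import ipaddress

# Added example, not Policy Manager's own code or rule format. Rule fields, protocol
# strings and IP addresses are constructed for illustration.

class Rule:
    def __init__(self, name, direction, action, protocol, remote):
        self.name = name
        self.direction = direction              # "in" or "out"
        self.action = action                    # "allow" or "block"
        self.protocol = protocol                # e.g. "tcp/445", or "any"
        self.remote = ipaddress.ip_network(remote)

    def matches(self, direction, protocol, remote_ip):
        return (self.direction == direction
                and self.protocol in (protocol, "any")
                and ipaddress.ip_address(remote_ip) in self.remote)


# Constructed rule set, in the order the asker created them: a general block for
# one protocol, a specific allow for one remote host, and an inbound allow for
# a customer range (everything else inbound falls through to the default block).
RULES = [
    Rule("block_proto_all", "out", "block", "tcp/445", "0.0.0.0/0"),
    Rule("allow_proto_partner", "out", "allow", "tcp/445", "10.0.0.5/32"),
    Rule("allow_customer_in", "in", "allow", "any", "203.0.113.0/24"),
]


def first_match(rules, direction, protocol, remote_ip, default="block"):
    """Ordered evaluation: the first matching rule decides; nothing matched -> default."""
    for r in rules:
        if r.matches(direction, protocol, remote_ip):
            return r.action, r.name
    return default, "default"


def most_specific(rules, direction, protocol, remote_ip, default="block"):
    """Order-independent evaluation (an assumed model, not the product's documented
    algorithm): among matching rules the narrowest remote network wins; on a tie a
    protocol-specific rule beats an 'any' rule."""
    hits = [r for r in rules if r.matches(direction, protocol, remote_ip)]
    if not hits:
        return default, "default"
    best = max(hits, key=lambda r: (r.remote.prefixlen, r.protocol != "any"))
    return best.action, best.name


def block_ranges_excluding(required, base="0.0.0.0/0"):
    """The single-block-rule alternative from the reply: return the networks inside
    `base` that must be blocked so that only the `required` hosts/networks stay open."""
    remaining = [ipaddress.ip_network(base)]
    for net in map(ipaddress.ip_network, required):
        kept = []
        for r in remaining:
            if net.subnet_of(r):
                kept.extend(r.address_exclude(net))   # carve the hole out of r
            elif not r.overlaps(net):
                kept.append(r)                        # untouched by this exclusion
            # else r lies entirely inside net: drop it
        remaining = kept
    return sorted(remaining, key=lambda n: (n.network_address, n.prefixlen))


if __name__ == "__main__":
    for ip in ("10.0.0.5", "10.0.0.6"):
        print(ip, "ordered:", first_match(RULES, "out", "tcp/445", ip),
              "specific:", most_specific(RULES, "out", "tcp/445", ip))
    print("inbound from 198.51.100.7:", most_specific(RULES, "in", "tcp/22", "198.51.100.7"))
    print("block ranges for 10.0.0.0/24 minus 10.0.0.5:",
          [str(n) for n in block_ranges_excluding(["10.0.0.5/32"], "10.0.0.0/24")])
```

Note how many ranges the single-rule alternative needs: carving one /32 out of a /24 already leaves eight blocks, and out of 0.0.0.0/0 it leaves thirty-two, so if the product does resolve a specific allow over a general block the two-rule approach is the easier one to maintain. When it does not (the ordered result above), the log entry the asker saw is exactly what to expect.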