Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
handiansudianto
Advisor
Jump to solution

Rules Order

Hello,

We have network policy layer and application policy layer. The network policy have higher preference than application policy.

With this scenario i want to know :

  • If there any incoming traffic matched one of rule set in the network rule, will application policy applied?
  • How can application policy applied, because the application policy have secondary preference and on the bottom of network rule the is implicit deny? In my mind because in network policy have implicit denied so the application policy will not applied.
0 Kudos
30 Replies
PhoneBoy
Admin
Admin

That will work.
However, I would restrict the services to http/https and the destinations.
You can use the “ExternalZone” object for the destination easily enough. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events