Chapter 4 Firewall

The firewall rule table is searched from the top down, stopping at the first rule that matches the session; the search only reaches the end of the table if no earlier rule matches. Because the first match wins, a broad rule placed above a narrower one silently shadows it and the narrower rule never fires. It is therefore important to put the most specific rules (for example, those configured with user authentication, IP address groups or ranges, or web filtering) towards the top of the table, above any general permit or block rule that would also match the same sessions. The following diagram illustrates how session requests are evaluated.

Figure 4–1: Handling Firewall Session Requests

[Flow diagram: the session request is checked against each rule in table order; only the step labels "STEP 4" and "STEP 5" survive from the image.]

When a rule is matched, the device enforces the firewall rule based on the action and logging configuration for the rule: Traffic is either permitted or blocked; the event is entered in the local log, sent to a remote syslog server, or not logged at all.

If no matching firewall rule is found in the firewall rules list, the device denies the request using the implicit deny rule preconfigured on the device. For details, see “Default Firewall Rules” on page 67.
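The following Python model of the lookup described above is an added example and is not part of the LSM or the X Family device software. It reproduces the three points of this section: top-to-bottom search, first match wins, and an implicit deny when nothing matches. The rule table, the addresses, the rule names and the log destination chosen for the implicit deny rule are all constructed for illustration; the real default rules are described under "Default Firewall Rules". The `shadowed_rules` check goes slightly beyond the text: it flags a specific rule that can never fire because a broader rule above it already covers every session it would match, which is the ordering mistake the section warns against.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    name: str
    src: str              # source network in CIDR form
    dst: str              # destination network in CIDR form
    dport: Optional[int]  # destination port, None means any port
    action: str           # "permit" or "block"
    log: str              # "local", "syslog" or "none"


# Assumed stand-in for the device's preconfigured implicit deny rule.
# Its logging behaviour here ("local") is an assumption for the example.
IMPLICIT_DENY = Rule("implicit-deny", "0.0.0.0/0", "0.0.0.0/0", None, "block", "local")


def _matches(rule: Rule, src: str, dst: str, dport: int) -> bool:
    """True if the session (src, dst, dport) falls inside the rule's match fields."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and (rule.dport is None or rule.dport == dport))


def evaluate(table: List[Rule], src: str, dst: str, dport: int) -> Rule:
    """Search the table from the top; the first matching rule is enforced.

    If no rule matches, the implicit deny rule is returned instead.
    """
    for rule in table:
        if _matches(rule, src, dst, dport):
            return rule
    return IMPLICIT_DENY


def decide(table: List[Rule], src: str, dst: str, dport: int) -> Tuple[str, str]:
    """Return (action, log destination) for a session, as the device would enforce it."""
    rule = evaluate(table, src, dst, dport)
    return rule.action, rule.log


def shadowed_rules(table: List[Rule]) -> List[Tuple[str, str]]:
    """Find rules that can never fire: an earlier rule covers all of their traffic.

    Only complete coverage by a single earlier rule is detected; partial overlap,
    or coverage spread across several earlier rules, is not reported.
    """
    out = []
    for i, later in enumerate(table):
        for earlier in table[:i]:
            src_covered = ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(earlier.src))
            dst_covered = ipaddress.ip_network(later.dst).subnet_of(ipaddress.ip_network(earlier.dst))
            port_covered = earlier.dport is None or earlier.dport == later.dport
            if src_covered and dst_covered and port_covered:
                out.append((later.name, earlier.name))
                break
    return out


# Constructed sample table, all addresses and names invented for the example.
ALLOW_LAN_WEB = Rule("allow-lan-web", "10.0.0.0/8", "0.0.0.0/0", 80, "permit", "syslog")
BLOCK_GUEST_WEB = Rule("block-guest-web", "10.0.5.0/24", "0.0.0.0/0", 80, "block", "local")
ALLOW_DNS = Rule("allow-dns", "10.0.0.0/8", "10.0.0.53/32", 53, "permit", "none")

# Wrong order: the broad permit sits above the specific block, so the block is dead.
WRONG_ORDER = [ALLOW_LAN_WEB, BLOCK_GUEST_WEB, ALLOW_DNS]
# Corrected order: the specific rule is moved above the general one.
RIGHT_ORDER = [BLOCK_GUEST_WEB, ALLOW_LAN_WEB, ALLOW_DNS]


if __name__ == "__main__":
    guest = ("10.0.5.7", "203.0.113.10", 80)
    print("wrong order, guest web :", decide(WRONG_ORDER, *guest))
    print("right order, guest web :", decide(RIGHT_ORDER, *guest))
    print("unlisted host          :", decide(RIGHT_ORDER, "192.168.1.1", "203.0.113.10", 443))
    print("shadowed in wrong order:", shadowed_rules(WRONG_ORDER))
```

Running the script shows the guest host being permitted under the wrong ordering and blocked under the corrected one, a host outside every rule hitting the implicit deny, and `shadowed_rules` naming the dead rule. The same check is worth running against any exported rule table before deployment, since a shadowed block rule produces no log entry and so is easy to miss.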

66 X Family LSM User’s Guide V 2.5.1