Getting started with Access rules

Access rules filter traffic by defining matching criteria and an action that is applied to packets that match all criteria defined in the rule.

Access rules are used by Engines, IPS engines, Layer 2 Engines, Master Engines, Virtual Engines, Virtual IPS engines, and Virtual Layer 2 Engines:
  • In Engine and Layer 2 Engine policies, the Access rules are the most important type of rules. The criteria you define in the Access rules determine which connections are allowed. By default, Engine and Layer 2 Engine Access rules stop traffic that you do not specifically allow.
    Note: Master Engines always use Engine Policies regardless of the role of the Virtual Secure SD-WAN Engines they host. Virtual Engines use Engine Policies. Virtual IPS engines use IPS policies. Virtual Layer 2 Engines use Layer 2 Engine Policies.
  • In IPS policies, Access rules can be used to optionally filter out some traffic and to exclude some traffic from further inspection. Only traffic on Inline Interfaces can be filtered with Access rules. IPS engines allow all traffic that you do not specifically deny. For IPS policies based on the IPS Template, all traffic allowed by rules placed after the inherited rules is inspected against the Inspection Policy by default.
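
The default behaviours described above, modelled as an added example (not Forcepoint code or product output): one rule list evaluated under an Engine policy and under an IPS policy. The field names, the allow/deny labels, and the top-down first-match ordering are assumptions of this model.

```python
import ipaddress
from dataclasses import dataclass

# What happens to traffic that no rule matches, per the text above:
# Engine and Layer 2 Engine policies stop it, IPS policies allow it.
DEFAULT_ACTION = {"engine": "deny", "layer2": "deny", "ips": "allow"}

@dataclass
class Rule:
    source: str       # CIDR or "any"
    destination: str  # CIDR or "any"
    service: str      # "proto/port", e.g. "tcp/443", or "any"
    action: str       # "allow" or "deny" (simplified labels for this model)

def _in_net(cidr, addr):
    return cidr == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)

def matches(rule, pkt):
    # The action applies only when the packet matches ALL criteria in the rule.
    return (_in_net(rule.source, pkt["src"])
            and _in_net(rule.destination, pkt["dst"])
            and rule.service in ("any", pkt["service"]))

def evaluate(policy_type, rules, pkt):
    """Return (action, reason). Assumes top-down, first-match evaluation."""
    # In IPS policies only traffic on Inline Interfaces can be filtered.
    if policy_type == "ips" and not pkt.get("inline", True):
        return "allow", "not on an Inline Interface"
    for number, rule in enumerate(rules, 1):
        if matches(rule, pkt):
            return rule.action, f"rule {number}"
    return DEFAULT_ACTION[policy_type], "policy default"

# Constructed sample rules and packets (documentation address ranges).
RULES = [
    Rule("10.0.0.0/24", "192.0.2.10/32", "tcp/443", "allow"),
    Rule("any", "192.0.2.20/32", "tcp/23", "deny"),
]
PACKETS = [
    {"src": "10.0.0.5", "dst": "192.0.2.10", "service": "tcp/443"},
    {"src": "10.0.0.5", "dst": "192.0.2.10", "service": "tcp/22"},  # one criterion differs
    {"src": "198.51.100.7", "dst": "192.0.2.20", "service": "tcp/23"},
]

if __name__ == "__main__":
    for policy in ("engine", "ips"):
        for pkt in PACKETS:
            print(policy, pkt, evaluate(policy, RULES, pkt))
```

The second packet is the one to watch: it matches no rule, so the Engine policy stops it while the IPS policy lets it through.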