What about conflicting rules?

Usually, when configuring firewall devices (physical, dedicated firewalls), you always have to factor in rule conflicts and rule-order priority. What if your list contains rules that overlap or fight with each other? What if you create a rule that allows traffic from your clients to the entire network, but then another administrator creates a rule that only allows traffic to certain parts of the network? What happens? Who wins?

In the WFAS world, everybody wins. (I promise I am not a millennial!) Unlike most firewalls, the rules presented inside WFAS are not sequential, those listed at the top have no higher priority than those listed at the bottom of the list. Instead, all rules inside WFAS are added up and applied cumulatively. If there are multiple rules that configure different levels of access to the same devices, it does not matter because they all get joined together. All of the rules apply.

The one potential conflict that does still exist is if there is an allow rule that directly conflicts with something inside a block rule. If this happens, the block rule always wins.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.144.40.182