Add or edit a network rule

Use the Network policy stage to configure rules that filter network traffic initiated from within your organization.

Steps

  1. Click a setting within an existing rule to edit it, or click New to create a new rule.
    Use the More menu beside a rule to add a new rule before or after an existing rule, or to delete the rule.
  2. Give the rule a Name, and optionally a Description.
  3. Click the Source setting to define the local traffic sources to which the rule will apply. If you do not add a source, the default entry of ANY is used: the rule will apply to traffic from any source to which the policy applies.
    Click the Type or click to select field and begin typing to search for an available resource, or click a resource type to select available resources from a list. Repeat the process to add all required sources for the rule.
    You can click New to define a new resource.
    You can remove a resource from the rule by clicking the Remove button. To reset the source setting, click the Type or click to select field and click Set to ANY.
  4. Click the Destination setting to define the traffic destinations to which the rule will apply. If you do not add a destination, the default entry of ANY is used: the rule will apply to traffic to any destination.
    Click the Type or click to select field and begin typing to search for an available resource, or click a resource type to select available resources from a list. Repeat the process to add all required destinations for the rule.
    You can click New to define a new resource.
    You can remove a resource from the rule by clicking the Remove button. To reset the source setting, click the Type or click to select field and click Set to ANY.
  5. Click the Service setting to define the protocol/port/ICMP services to which the rule will apply. If you do not add a service, the default entry of ANY is used: the rule will apply to traffic to any protocol/port/ICMP type.
    Click the Type or click to select field and begin typing to search for an available resource, or click a service type to select available services from a list. Repeat the process to add all required Services for the rule.
    You can click New to define a new resource.
    You can remove a resource from the rule by clicking the Remove button. To reset the source setting, click the Type or click to select field and click Set to ANY.
  6. Select the Action setting to apply to traffic that matches this rule.

Available actions are:

  • Allow and bypass: allows matching traffic and bypasses further policy processing stages. Traffic is not decrypted.
  • Block: blocks matching traffic.
  • Continue inspection: allows matching network traffic, and continues processing further policy stages. The request may be blocked by subsequent policy stages

  1. When you have finished, click Save.