Access control rule management

The rules table of the access control policy editor allows you to add, edit, categorize, search, filter, move, enable, disable, delete, and otherwise manage access control rules in the current policy.

Properly creating and ordering access control rules is a complex task, but one that is essential to building an effective deployment. If you do not plan your policy carefully, rules can preempt other rules, require additional licenses, or contain invalid configurations. To help ensure that the system handles traffic as you expect, the access control policy interface has a robust warning and error feedback system for rules.

Use the search bar to filter the list of access control policy rules. You can deselect the Show Only Matching Rules option to see all rules. Matched rules are highlighted.

For each access control rule, the policy editor displays its name, a summary of its conditions, the rule action, and icons that communicate the rule’s inspection options or status. These icons represent:

  • Time Range Option (time range icon)

  • Intrusion policy (intrusion policy icon)

  • File policy (file policy icon)

  • Logging (logging icon)

  • Warning (warning icon)

  • Errors (error icon)

  • Rule Conflict (Rule conflict icon)

Disabled rules are dimmed and marked (disabled) after the rule name.

To create or edit a rule, see Create and edit access control rules.

Tip

A right-click menu provides shortcuts to many rule management options, including editing, deleting, moving, enabling, and disabling.