
Skyhigh Security

Configure Firewall Policies

Configure firewall policy rules to control, manage, and protect your network traffic. A policy contains rules that determine how the firewall inspects, allows, or denies traffic. Each firewall is associated with a single policy, but a policy can contain multiple sets of rules. You can define rules based on source and destination IP addresses, host, location, ports, detected protocols, IP protocols, URL, user groups, and user names.

Cloud Firewall also integrates with the web policy, so selected web traffic can be handed to the web policy for an additional layer of inspection. You can also create firewall rules based on process name, which lets you detect and control process-based traffic such as Zoom or Teams.

How Firewall Rules Work
  • Rules are evaluated from top to bottom, and the first rule that matches wins.
  • Each condition in a rule evaluates to true or false by comparing the traffic against the criterion, operator, and value specified in that condition.
  • A rule matches only when all of its conditions evaluate to true.
  • When a rule matches, the firewall applies that rule's action and does not evaluate any further rules, so the order of the rules matters.
  • When the traffic matches none of the rules, the firewall drops the packet. Because this default is an implicit deny, any traffic you want to pass needs an explicit Allow rule.
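The evaluation order above, as an added example (this is illustrative code written for this page, not Skyhigh's implementation): a small Python evaluator that models first-match evaluation, all-conditions-must-hold matching, the On/Off toggle, and the default drop. The criterion and action names follow this page; the traffic field names, the operators, and the rule set and traffic records are constructed assumptions.

```python
"""Toy first-match rule evaluator (added example, not Skyhigh's code).

Models the semantics this page describes: rules run top to bottom, a rule
fires only when ALL of its conditions are true, the first match is final,
and traffic matching no rule is dropped. Criterion and action names follow
the page; the traffic field names, the operators and the sample rule set
are assumptions made for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

DEFAULT_ACTION = "Drop"          # unmatched traffic is dropped (implicit deny)
ACTIONS = {"Allow", "Block", "Drop", "Allow Web Policy"}


def in_cidr(value, cidrs):
    """True when `value` is an IP address inside any of the listed networks."""
    if value is None:            # criterion absent from this traffic record
        return False
    addr = ip_address(value)
    return any(addr in ip_network(c) for c in cidrs)


# Operators that compare a traffic field against the condition's value.
OPERATORS = {
    "equals": lambda actual, wanted: actual == wanted,
    "in": lambda actual, wanted: actual in wanted,
    "in_cidr": in_cidr,
}


@dataclass
class Condition:
    criterion: str               # traffic field, e.g. "detected_protocol"
    operator: str                # key in OPERATORS
    value: object


@dataclass
class Rule:
    name: str
    action: str
    conditions: list             # an empty list means "All traffic"
    enabled: bool = True         # the rule's On/Off toggle

    def __post_init__(self):
        if self.action not in ACTIONS:
            raise ValueError(f"unknown action {self.action!r}")

    def matches(self, traffic):
        # All conditions must hold; a missing field simply never matches.
        return all(OPERATORS[c.operator](traffic.get(c.criterion), c.value)
                   for c in self.conditions)


def evaluate(rules, traffic):
    """Return (action, rule name) from the first enabled rule that matches,
    or (DEFAULT_ACTION, None) when no rule matches."""
    for rule in rules:
        if rule.enabled and rule.matches(traffic):
            return rule.action, rule.name
    return DEFAULT_ACTION, None


# Constructed rule set, in evaluation order. Only the finance group's web
# traffic is handed to the web policy, keeping deep inspection narrow.
RULES = [
    Rule("Inspect finance web traffic", "Allow Web Policy",
         [Condition("user_group", "equals", "Finance"),
          Condition("detected_protocol", "in", {"HTTP", "HTTPS"})]),
    Rule("Allow internal users to web", "Allow",
         [Condition("client_ip", "in_cidr", ["10.0.0.0/8"]),
          Condition("detected_protocol", "in", {"HTTP", "HTTPS"})]),
    Rule("Block HTTP from everyone else", "Block",
         [Condition("detected_protocol", "equals", "HTTP")]),
    Rule("Allow DNS", "Allow",
         [Condition("ip_protocol", "equals", "UDP"),
          Condition("destination_port", "equals", 53)]),
]

# Constructed traffic records (one flow each).
FINANCE_HTTPS = {"client_ip": "10.1.2.3", "user_group": "Finance",
                 "ip_protocol": "TCP", "destination_port": 443,
                 "detected_protocol": "HTTPS"}
ENGINEER_HTTP = {"client_ip": "10.8.0.9", "user_group": "Engineering",
                 "ip_protocol": "TCP", "destination_port": 80,
                 "detected_protocol": "HTTP"}
GUEST_HTTP = {"client_ip": "192.0.2.10", "user_group": "Guest",
              "ip_protocol": "TCP", "destination_port": 80,
              "detected_protocol": "HTTP"}
INTERNAL_SSH = {"client_ip": "10.1.2.3", "user_group": "Engineering",
                "ip_protocol": "TCP", "destination_port": 22,
                "detected_protocol": "SSH"}


def with_block_first(rules):
    """Same rules with the Block rule moved to the top: shows that order matters."""
    block = [r for r in rules if r.action == "Block"]
    return block + [r for r in rules if r.action != "Block"]


if __name__ == "__main__":
    for label, flow in [("finance https", FINANCE_HTTPS), ("engineer http", ENGINEER_HTTP),
                        ("guest http", GUEST_HTTP), ("internal ssh", INTERNAL_SSH)]:
        print(label, evaluate(RULES, flow))
    print("engineer http, Block rule first:", evaluate(with_block_first(RULES), ENGINEER_HTTP))
```

Running the block shows the two points a practitioner most often gets wrong: the internal engineer's HTTP flow is allowed by the second rule, but the same flow is blocked as soon as the Block rule is moved above it (or the Allow rule is switched Off), and the SSH flow, which no rule mentions, is dropped rather than allowed.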

To create a firewall policy:

  1. Go to Policy > Cloud Firewall > Policy.
  2. Click New Rule.
  3. Complete the following fields:
    • Name — Specify the name of the Cloud Firewall rule.
    • Criteria — Select the criteria the rule applies to and click OK. The logic used for the selected criteria is displayed. You can combine several of the following criteria in a single rule:
      • All traffic — Applies to all traffic.
      • Client IP — The IP address of the client or source that sends the traffic.
      • Source IP / Source Port — The IP address or port that sends the traffic.
      • Destination IP / Destination Port — The IP address or port that receives the traffic.
      • Detected Protocol — The application-layer protocol detected in the traffic. For example, use this criterion to block HTTP traffic so that all traffic from the Internet that uses the HTTP protocol is restricted.
      • Host — The IP address of the host.
        Note: The host name cannot be resolved from the protocol.
      • IP Protocol — The IP protocol, for example ICMP, TCP, or UDP.
      • Location — The geographic location or region.
      • URL — The URL of the website.
      • User Group — A group of users. The rule applies to all members of the group. For example, a group can be limited to specific protocols when its members access the Internet.
      • User Name — Specific users. For example, allow named internal users to access any web server on the Internet over HTTP or HTTPS.
    • Operator — Specify the operator that compares the selected criterion with the value to build a condition.
    • Value — Click to specify the value for the selected criterion. For example, when you set Destination IP, the Select Destination IP dialog opens to let you specify the IP addresses or range. If you have configured lists under List Catalog (Policy > Cloud Firewall > List Catalog), you can select them here as well.

    • Action — Specify the action to apply when the rule matches.
      • Allow — Allows the matching traffic to pass.
      • Block — Blocks the matching traffic and sends a block message to the client.
      • Drop — Drops the matching traffic silently; no response is sent to the client.
      • Allow Web Policy — Passes the matching traffic to the configured web policy rules, so web traffic is subject to Secure Web Gateway (SWG) deep content inspection in addition to the firewall policy.

To optimize firewall performance, Skyhigh recommends applying Allow Web Policy only to the selected traffic that should be subjected to web policy deep inspection, rather than to all traffic.

    • On/Off — Select On to enable the rule or Off to disable it. Click the three-dot menu to view options such as Add New Condition and Delete.
      • Add New Condition — Adds another condition (criterion) to the rule. Select a criterion from the list and click OK. You can specify multiple criteria for a single rule and view the logic used for the selected criteria.
      • Delete — Deletes the selected rule.

Save the rule, then publish the saved changes to the cloud now or keep working and publish later.
