Change Security Rule Order

In Prisma SD-WAN you can change the security rule order for zbfw.
In Prisma SD-WAN, security policy rules are evaluated in order. If network traffic matches the first rule in a policy set, that rule is applied and access is allowed, denied, or rejected. If traffic passing from the source zone to the destination zone doesn’t match the first rule; it is evaluated against the next rule in the policy set until a matching rule is applied.
You can change the order in which the security policy rules are evaluated by specifying a numerical order value or by dragging and dropping the rule definition to a new location in the graphical representation of the security policy set as part of it. For example, to change the second rule in a policy to be the first rule checked, you can change its policy set position.
  1. From Prisma SD-WAN web interface, go to
    Policies > Security Policies (Original)
    , and select a security policy set.
  2. Select a
    policy rule block
    , drag it to a new position and
    Save Ranking

Recommended For You