The table of security rules is displayed in the [Application & Services → NGFW → Policy → Firewall → Security rules section.
The table contains the following information about security rules:
UUID is the unique ID of the rule. Automatically assigned.
Priority is the priority of the rule. The default rule has no number.
Name is the unique name of the rule.
Description is an arbitrary description. Optional setting.
Status is the status of the rule indicating whether the rule is enabled or not.
Action is the action that is performed with an IP packet that matches the rule.
Source addresses lists one or more source addresses with the following values: host, subnet, range of IP addresses.
Source user groups is the user name or user group that was added to the rule as a source.
Source security zones lists security zones added to the rule as a source.
Destination addresses lists one or more destination addresses with the following values: host, subnet, range of IP addresses.
Destination FQDN lists one or more domain names added to the rule as a destination.
Destination security zones lists security zones added to the rule as a destination.
Services is one or more services with the following values: protocol, source port, destination port.
Security profile group is the security profile group assigned to the security rule when the Inspect action is selected. You can specify only one security profile group per rule.
Web Control profile, DNS Security profile, Anti-Virus profile, IDPS profile are security profiles that are included in the security profile group assigned to the security rule.
Schedule is the schedule of the rule.
Logging at session start is the logging status indicating whether or not a security event is sent to the SIEM system whenever a session matching this rule starts.
Logging at session end is the logging status indicating whether or not a security event is sent to the SIEM system whenever a session matching this rule ends.
Application protocols lists one or more application protocols specified for filtering by application.
Client applications lists one or more client applications.
Application services lists one or more application services specified for filtering by application.
Last edited by is the user account of the author of the last changes of the rule. If information about the author of the last change is missing, the field is empty.