Cato Networks Knowledge Base

Search

Adding Sections to the WAN and Internet Firewalls

This article discusses how to use sections in your WAN and Internet firewall policies.

Overview of Firewall Sections

Firewall rulebases with many rules can be hard to navigate and manage. Add sections to the firewalls and group together many related rules into a single collapsible section.

For more about configuring the Cato WAN and Internet firewall rulebases, see the relevant article in WAN and Internet Firewalls.

Adding Sections to a Firewall Rulebase

Add sections to the Internet or WAN firewalls to improve usability. The first time you add a new section, it is automatically added below the default section of the rulebase. You can't edit the name or delete the default section.

If you create the new section from rule #1, then all the rules are added to the new section. Otherwise, all the rules with a higher priority are added to the default section, and the other rules are added to the new section. For example, if rule #4 is added to the new section, then rules #1-3 are added to the default section and rules #4 and later are added to the new section.

These buttons expand and collapse all the sections:

  • Click FW_Sections_-_Expand_All.png to expand all sections

  • Click FW_Sections_-_Collapse_All.png to collapse all sections

image.png

To add a new section to a firewall rulebase:

  1. From the navigation menu, select Security and then select Internet Firewall or WAN Firewall.

  2. Click New > New Rule Section.

  3. Enter a Name for the section.

  4. From the Starting from dropdown menu, select the rule the new section starts from.

    This rule will be the first rule in the new section. All rules below this rule are also added to this section.

  5. Click Apply, and then click Save.

Working with Firewall Sections

Moving a rule in the firewall rulebase changes the priority of the rule and can have a significant impact on the functionality and performance of that policy. When you want to move a rule to a different section, first select the new priority for the rule and then decide which section the rule belongs to (if relevant).

You can easily move a rule within each section by dragging and dropping that rule to the new position. You can't drag and drop a rule from one section to another, or drag and drop an entire section.

Moving a Rule to a Different Section

To move a rule to a different section, change the priority of the rule and then select the new section for the rule. You can also create a new section for the rule.

To move a rule to a different section:

  1. From the navigation panel, select Security and then select Internet Firewall or WAN Firewall.

  2. Select the rule in the WAN or Internet firewall rulebase.

    The Edit panel opens.

  3. In the General section, enter a new Rule Order for the rule.

  4. If the rule is moved to the top or bottom of a section, choose the section for the rule.

    1. From the Add to Section drop-down menu, select the new section for the rule.

    2. You can also choose to create a New Rule Section, and add the rule to it.

  5. Click Apply, and then click Save.

Managing Sections

When you no longer need a section, you can separate the rules from it and then the section is removed from the rulebase. When you separate the rules from a section, they are moved to the section immediately above. You can also rename a section as required.

You can't remove or rename the first (default) section in the rulebase.

To separate or rename a section:

  1. At the end of the section, click More_icon.png, and select options below:

    • To separate the rules from a section, click Separate Section.

    • To rename, click Rename Section.

  2. Click Save.

Was this article helpful?

1 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.