Global Exceptions

You can add rules from the Global Exceptions list to individual firewall policies. These rules are available when you create a new policy, however, only those rules that you have actually enabled in that policy will remain after you save it.

Global Exception Rules are not altered by editing a rule from within a policy. Add or edit rules in the Global Exception list to have the change available for all new policies. Global exception rules already attached to a policy will not change, even if they are edited in the rule list.

One other point to keep in mind is that global exception rules have a pre-defined action, either Allow or Deny. Be sure this action agrees with the fundamental construct of your policy. For example, if you set the policy Security Level = Low, that is, allow traffic to and from all ports, you need to change any exception rules imported from the global list to Deny traffic for your exception ports. See Global Exception Rules for configuration details.