Monitoring Active Firewall Policies

Manual Chapter : Monitoring Active Firewall Policies

Applies To:

Show Versions

You use the Active Policy screen to view summary information about the firewall policies and rules that are currently active on BIG-IP^® devices.

Click Monitoring > REPORTS > Security > Network Security > Active Firewall Policies .
Review the firewall policies, including on what BIG-IP devices they are active.
To review the rules and rule lists in a policy, click the policy name.
The screen displays rules and rule lists in the policy.
To edit a rule or rule list, click the name of the rule or rule list.

This table describes the rule properties shown for a firewall policy that is active on a BIG-IP device.

Column	Description
#	Specifies the evaluation order of the rule within the policy. Rules are evaluated from the lowest number to the highest. If a rule is contained within a rule list, it will be numbered after the decimal point. For example, a policy with 3 rules, followed by a rule list containing 2 rules, followed by another rule outside of the rule list, would be numbered as: `1, 2, 3, 4, 4.1, 4.2, 5`. In the example, 4 represents the rule list, and 4.1 and 4.2 are the evaluation order of the rules within that rule list.
Rule Name	Specifies the name of the rule. This contains a reference to the rule list when the row contains a rule list. You can click the rule name for more information.
Rule List Name	Specifies the name of the rule list that contains one or more rules. This is blank when the row contains a rule.
Action	Specifies the action taken when the rule is matched, such as whether it is accepted or rejected.
Protocol	Specifies the IP protocol used by the rule to compare against the packet.
Log	Specifies whether the firewall software should write a log entry for any packets that match this rule.
State	Specifies the activity state of the rule, such as whether it is enabled or disabled.