User guide
Using Rules
Chapter 13: Setting Your Security Policy 403
Rule
Description
Allow This rule type enables you to do the following:
• Permit outgoing access from your internal network to a specific
service on the Internet.
Permit incoming access from the Internet to a specific service in your
internal network.
• Assign traffic to a QoS class.
If Traffic Shaper is enabled for the direction of traffic specified in the
rule (incoming or outgoing), then Traffic Shaper will handle relevant
connections as specified in the bandwidth policy for the selected QoS
class. For example, if Traffic Shaper is enabled for outgoing traffic,
and you create an Allow rule associating all outgoing Web traffic with
the Urgent QoS class, then Traffic Shaper will handle outgoing Web
traffic as specified in the bandwidth policy for the Urgent class.
For information on Traffic Shaper and QoS classes, see Using
Traffic Shaper on page 293.
Note: You cannot use an Allow rule to permit incoming traffic, if the network or
VPN uses Hide NAT. Use an “Allow and Forward” rule instead. However, you
can use Allow rules for static NAT IP addresses.
Block This rule type enables you to do the following:
• Block outgoing access from your internal network to a specific
service on the Internet.
• Block incoming access from the Internet to a specific service in your
internal network.
• Block connections between hosts on different internal networks.