Firewall rule behavior varies with different Security Groups.
Enable User Identity Security Group (RDSH Section) | Identity Security Group (RDSH Section) | Any Security Group (Non-RDSH Section) |
---|---|---|
Source - SID based rules are preemptively pushed to hypervisor. Rule enforcement is on the first packet. | Source - IP based rules | Source - IP based rules |
Destination - IP based rules | Destination - IP based rules | Destination - IP based rules |
Applied To with Identity based Security Group - Applied to all hosts | User based Applied To | |
Applied To with Non-Identity based Security Group - User based Applied to | User based Applied to |