You can add a section to segregate firewall rules. For example, you might want to have the rules for sales and engineering departments in separate sections.

You can create multiple firewall rule sections for L2 and L3 rules.

Cross-vCenter NSX environments can have multiple universal rule sections. Multiple universal sections allow rules to be easily organized per tenant and application. If rules are modified or edited within a universal section, only the universal distributed firewall rules for that section are synced to the secondary NSX Managers. You must manage universal rules on the primary NSX Manager, and you must create the universal section there before you can add universal rules. Universal sections are always listed above local sections on both primary and secondary NSX Managers.

Rules outside the universal sections remain local to the primary or secondary NSX Managers on which they are added.