As an enterprise administrator, you can configure firewall rules, edge access information, and enable or disable firewall status and logs, using the Firewall tab in the Profile Configuration dialog.
Firewall Profiles are Segment aware. All Segments available for the configuration are listed in the Configure Segment drop-down menu. When you select a Segment to configure from the Configure Segment drop-down menu, the settings and options associated with that Segment appear in the Configure Segments area. Global Segment [Regular] is the default Segment.
For more information about Segmentation, see Configure Segments.
The firewall configuration at the profile level includes:
- Enabling Syslog Forwarding. By default, the Syslog Forwarding feature is disabled for an enterprise. To collect SD-WAN Orchestrator bound events and firewall logs originating from enterprise SD-WAN Edges to one or more centralized remote Syslog collectors (Servers), an enterprise user must enable this feature at the enterprise level. For steps on how to configure Syslog collector details per segment in the SD-WAN Orchestrator, see Configure Syslog Settings at Profile Level.
- Enabling Stateful Firewall at the Profile and Edge level. By default, the Stateful Firewall feature is enabled for an enterprise. To disable the Stateful Firewall feature for an enterprise, contact an Operator with Super User permission.
- Configure Firewall Rule.
- Configuring Edge access
Note: You can disable the Firewall function for profiles by turning the
Firewall Status to OFF.
Related Links