As described in the NSX Administration Guide, default firewall settings apply to traffic that does not match any of the user-defined firewall rules. In the vCloud Director tenant portal, the default distributed firewall rule is labeled Default Allow Rule.
The distributed firewall capability must be enabled on an organization virtual data center before you can manage the distributed firewall settings using the tenant portal.
The default distributed firewall rule is configured to allow all layer 3 and layer 2 traffic to pass through the organization virtual data center. This setting is indicated by the Allow set in the Action column in the user interface. The default rule is always at the bottom of the rules table.
You cannot delete or modify the default distributed firewall rules.