Skip to main content

Create rules for Firewall Management in OneView

Updated: 

A firewall rule determines which type of traffic your firewall allows in and out of your network. Create firewall rules and organize them together into Rule Groups to be applied to a Firewall Policy.

Create firewall rule

  1. On the left navigation menu, go to Manage > Firewall Management.
  2. Select the Rules tab.
  3. In the top-right, click the Create Rule button OV plus.png.
  4. On the General screen, fill out the following fields and click Next:
    • Name: A name for the Firewall Policy.
    • Description: A description of the Firewall Policy.
  5. On the Traffic Settings screen, select from the following and click Next:
    • Traffic type
      • Inbound: Data entering the endpoint from the network or internet.
      • Outbound: Data leaving the endpoint to the network or internet.
    • Action
      • Allow: Allow the network traffic.
      • Block: Block the network traffic, based on defined parameters such as IP addresses, ports, or applications.
    • Network Profile
      • Domain: Applies when an endpoint is connected to its corporate domain.
      • Private: Applies when a computer is connected to a private network location, such as a home or work place.
      • Public: Applies when a computer is connected to a public network location.
  6. On the Parameters screen, select from the following and click Next:
    • Protocols
      • All protocols
        • Transmission Control Protocol (TCP): Specify preferred TCP configurations if necessary.
        • User Datagram Protocol (UDP): Specify preferred UDP configurations if necessary.
        • Internet Control Message Protocol version 4 (ICMPv4): Used in IPv4 networks to send error messages and perform diagnostics.
        • Internet Control Message Protocol version 6 (ICMPv6): Commonly used in IPv6 networks.
        • Other protocols: Select one of the protocols from the drop-down:
          • HOPOPT
          • IGMP
          • IPV6
          • IPv6-Route
          • IPv6-Frag
          • GRE
          • IPv6-ESP
          • IPv6-AH
          • IPv6-NoNxt
          • IPv-6-Opts
          • VRRP
          • PGM
          • L2TP
    • Program: Select whether this firewall rule applies to all programs or a specific program.
      • Must be an absolute path of the program
      • Wildcard characters are not supported for the file path
      • Built-in Windows environment variables are supported for the file path (i.e. %ProgramFiles%, %ProgramFiles(x86)%, etc.)
      • Service: Select which Windows service this firewall rule applies to. 
        • This field is enabled when the specified program is svchost.exe.
  7. On the Rule Group screen, select or create a rule group to assign to the firewall rule, then click Next. A firewall rule can apply to multiple rule groups.
    Note: A Firewall Rule is only applied to an endpoint when it is included in a Rule Group, which is then associated with a Firewall Policy.
  8. Review the settings and click Save.

Once a firewall rule has been created, apply them to your firewall policies. For more information, see Create Firewall Policies for Firewall Management in OneView.

Manage firewall rules

The following options are available in the Actions ellipsis.png menu of the Rules tab:

  • Clone: Begin creating another Firewall Policy using the same settings of the selected policy.
  • Delete: Remove the selected Firewall Policy.

To modify a rule, click on a Rule name > Actions > Edit.

The following columns are available on the Rules tab:

  • Action: Allow or block.
  • Create: Date the firewall rule was created.
  • Description: Description of the firewall rule.
  • Firewall policies: Number of firewall policies that the firewall rule and rule group are assigned.
  • Last updated: Date the firewall rule was last updated.
  • Local IP addresses: IP addresses on the local machine the rule is applied.
  • Local ports: Ports on the local machine the rule is applied.
  • Network profiles: The type(s) of network profile the rule is applied.
  • Program: Specific program the rule is applied.
  • Protocol: Network protocol(s) for the rule.
  • Remote IP addresses: IP address on the target machine the rule is applied.
  • Remote ports: Ports on the target machine the rule is applied.
  • Rule: Name of the firewall rule.
  • Rule groups: Names of the rule groups the firewall rule is applied.
  • Traffic type: Inbound or outbound traffic.
  • Updated by: The OneView user who last updated the firewall rule.

Click Add / Remove Columns to choose which columns to display. 

Filter and sort data

Use the following features to filter and sort data on the Rules tab:

  • Filter results: Next to a column header, click the filter icon OV Filter.png to narrow the results. When clicking on the filter icon, the filter list at the top of the screen shows which filters are applied. Click on a filtered item to remove it, or Reset filters Reset Filters.png to remove them all. 
  • Column pinning and auto-sizing: Next to a column header, click the hamburger menu button 2020-08-06_13-31-16__1_.png to display a checkbox list of different sub-filters you can apply. Click the hamburger menu button2020-08-06_13-31-16__1_.png to pin or auto size for the selected column.
  • Right-click menu: In the table, click and drag to select and highlight a section of the table. Right-click on your selected information to copy the cells and information.
  • Select all: Click the checkbox next to the Rule column header.

Return to OneView Firewall Management guide.

Still have questions?

Support is available via chat, phone or by creating a ticket. You can also use our virtual assistant for guided assistance.

Learn more