Applies To: Cloud-managed Fireboxes
In a firewall policy for a cloud-managed Firebox, you can configure which security services apply to the traffic the policy handles.
You can enable and disable security services in the Security Services section of a policy. The security services you can enable in the policy depend on the policy type:
| Policy Type | Content Filtering | Geolocation | Content Scanning | Tor Exit Node Blocking |
|---|---|---|---|---|
| Outbound |
|
|
|
|
| Inbound |
|
|
|
|
| Custom |
|
|
|
|
| First Run | Application Control only |
|
|
|
| Last Run | Application Control only |
|
|
When you add a policy, all available security services are enabled in the policy by default. In policy settings for Content Filtering and Geolocation, you select which action the policy uses.
To configure security services for a policy:
- Add or edit a policy. For more information, see Configure Firewall Policies in WatchGuard Cloud.
- To enable or disable a security service, click the toggle for the service.
Tor Exit Node Blocking is available in Fireware v12.8.1 and higher and Fireware v12.5.10 and higher.
- To change the Content Filtering action, select the action from the drop-down list.
For information about how to configure Content Filtering actions, see Configure Content Filtering in WatchGuard Cloud.
- To change the Geolocation action, select the action from the drop-down list.
For information about how to configure Geolocation actions, see Add Geolocation Actions in WatchGuard Cloud.
- To save the policy, click Save.
Make sure that any services you enable in policies are also enabled in the global Security Services settings. The Security Services section of the Device Configuration dashboard shows which services are enabled. For more information, see About Firebox Security Services Settings.