Configure Traffic Types in a Firewall Policy

Applies To: Cloud-managed Fireboxes

For firewall policies on a cloud-managed Firebox, the Traffic Types settings specify what types of traffic the policy applies to. When you add traffic types to a policy, you can select from a list or add a custom traffic type. Each traffic type specifies the protocols and ports or other parameters specific to the traffic type.

Configure Web Traffic Type Settings

In an Outbound policy, two settings specify how the policy applies to web traffic:

Web Traffic

This option configures the policy to apply to HTTP and HTTPS traffic on specified ports. By default, this option is selected, and the policy applies to HTTP and HTTPS traffic on ports 80 and 443. To change the ports for HTTP and HTTPS traffic, you can edit the ports list.

When Web Traffic is selected, the policy applies to HTTP and HTTPS traffic but the HTTP and HTTPS protocols do not show in the Traffic Types list.

Decrypt HTTPS Traffic

This option configures the policy to decrypt HTTPS traffic. When you select Decrypt HTTPS Traffic, the Firebox decrypts HTTPS connections and scans the content with enabled security services. If the policy allows the content, the Firebox then re-encrypts the HTTPS connections with a different certificate.

To avoid certificate warnings for network users, this option is not selected by default.

To configure a First Run, Last Run, Inbound, or Custom policy to apply to web traffic, add the HTTP and HTTPS traffic types to the Traffic Types list.

Select Traffic Types in a Policy

In the Traffic Types list for a firewall policy you can add predefined and custom traffic types.

In a firewall policy for a cloud-managed Firebox, you can select multiple traffic types in the same policy. This is different from firewall policies for a locally-managed Firebox.

See Also

Configure Firewall Policies in WatchGuard Cloud

Firewall Policy Types