About the Policies Pages

The policies included in your current XTM device configuration appear on the Firewall Policies and Mobile VPN Policies pages. From these pages you can see configuration information, such as source and destination addresses, assigned ports, policy-based routing, and application control settings, as well as whether notification, scheduling, and QoS/Traffic Management are configured. You can also add, edit, and delete policies on these pages.

Screen shot of the Firewall Policies page

By default, Fireware XTM Web UI sorts policies from the most specific to the most general. The order determines how traffic flows through the policies.

For more information about how to add policies, see Add Policies to Your Configuration.

This information appears for each policy:


The order in which the policies are sorted, and how traffic flows through the policies. Policies are automatically sorted from the most specific to the most general. To manually select the order in which the policies are applied, you can switch to Manual-Order Mode. When the Policy List is in Manual-Order Mode, you can sort the policy list by column.

To switch to Manual-Order Mode and change the policy order:

  1. Click Disable policy Auto-Order mode.
    A confirmation message appears.
  2. Click Yes to enable Manual-Order Mode.
  3. Select one or more policies in the list and click Move Up or Move Down.
  4. Click Save Policy Order.

For more information on policy order, see About Policy Precedence.


The action taken by the policy for traffic that matches the policy definition. The symbols in this column also indicate whether the policy is a packet filter policy or a proxy policy, and the settings that are configured for the policy:

Policy Name

Name of the policy, as defined in the Name text box on the Policy Configuration page.


The protocol that the policy manages. Packet filters include the protocol name only. Proxies include the protocol name and -proxy. ALGs include the protocol name and -ALG.


The source addresses for this policy.


The destination addresses for this policy.


Protocols and ports used by the policy.


The interface numbers that are used for failover in the policy-based routing settings for the policy.

Application Control

The Application Control action enabled for the policy.

For more information, see Enable Application Control in a Policy.


The policy tag that is applied to the policy. To filter the policies in the policy list by the applied policy tags, click and apply a policy filter.

For more information, see About Policy Tags and Filters.

See Also

Add Policies to Your Configuration

About Policy Properties

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base