Egress Filters for Additional Filtering Capabilities
Egress filters provide additional filtering capabilities when applied on tool or hybrid ports in a policy. Egress filters are used to pass or drop the traffic and can be combined logically using 'AND' and 'OR' operators.
Note: The number of egress filters varies depending on the platform. Refer to the Port Filters section for the number of filters allowed for each platform.
To apply an egress filter for a tool port in a policy:
- Select the tool port or the hybrid port for which you need to add filters.
- Click the Egress filter icon and click Edit.
- Click Add a Rule.
- Select the required conditions.
- To create an egress filter with logical AND: In a single rule, create multiple conditions. For example, create Rule 1 with conditions for filtering IPv4 traffic and source port '443'. Traffic is filtered to the tool only if both of these conditions are true.
- To create an egress filter with logical OR: Create multiple rules with the required conditions. For example, create Rule 1 to filter IPv4 traffic and Rule 2 to filter traffic from source port '443'. Traffic is filtered to the tool if at least one of the conditions is true.
- Drop rules are applied first.
- If there are only drop rules, then all the traffic except that specified in the drop rule(s) will be passed.
- If there are only pass rules, only the traffic specified in the pass rule(s) will be passed and all other traffic will be dropped.
- If there are both drop and pass rules, only the traffic specified in the pass rule(s) that does not also match the drop rule(s) will be passed.
Note: Use the edit icon to edit the egress filter directly from the canvas. If you edit the egress filter in edit mode, the Deploy button is disabled.
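The rule semantics above (AND within a rule, OR across rules, drop rules first) can be checked offline before deploying a filter. The following is an added example, not vendor code: the Rule class, the field names ip_version and src_port, and the sample packets are assumptions constructed for illustration.

```python
# Added illustration: a model of the rule semantics described above, not vendor code.
# Field names (ip_version, src_port) and the packet dicts are constructed samples.
from dataclasses import dataclass


@dataclass
class Rule:
    action: str        # "pass" or "drop"
    conditions: dict   # all conditions must hold for the rule to match (logical AND)

    def matches(self, pkt: dict) -> bool:
        return all(pkt.get(field) == want for field, want in self.conditions.items())


def egress_verdict(rules: list, pkt: dict) -> str:
    """Return "pass" or "drop" for one packet leaving the tool or hybrid port."""
    drops = [r for r in rules if r.action == "drop"]
    passes = [r for r in rules if r.action == "pass"]
    # Drop rules are applied first; several rules combine as logical OR.
    if any(r.matches(pkt) for r in drops):
        return "drop"
    # Only drop rules: everything not named by a drop rule is passed.
    if not passes:
        return "pass"
    # Pass rules present: traffic they do not name is dropped.
    return "pass" if any(r.matches(pkt) for r in passes) else "drop"


# Constructed sample traffic: IPv4 from 443, IPv4 from 53, IPv6 from 443.
SAMPLES = [
    {"ip_version": 4, "src_port": 443},
    {"ip_version": 4, "src_port": 53},
    {"ip_version": 6, "src_port": 443},
]

FILTERS = {
    "and": [Rule("pass", {"ip_version": 4, "src_port": 443})],            # one rule, two conditions
    "or": [Rule("pass", {"ip_version": 4}), Rule("pass", {"src_port": 443})],  # two rules
    "mixed": [Rule("pass", {"ip_version": 4}), Rule("drop", {"src_port": 443})],
    "drop_only": [Rule("drop", {"src_port": 443})],
}


def verdicts(rules: list) -> list:
    return [egress_verdict(rules, pkt) for pkt in SAMPLES]


if __name__ == "__main__":
    for name, rules in FILTERS.items():
        print(f"{name:10}", verdicts(rules))
```

With a pass-only filter, the tool receives nothing outside the pass rules, so the AND and OR forms give the attached tool very different visibility of the same traffic.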