Best Practices for Ordering of Policy layers and Rules within layers.


Article ID: 167682


Updated On:


Advanced Secure Gateway Software - ASG ProxySG Software - SGOS


You want to know about the order in which policy layers and rules should be applied


Ordering of Policy Layers and Rules

1. Always order policy layers from the general to the specific.

When the ProxySG evaluates policy layers, layers that come last always override policy layers that precede it. So, establish a general rule in an early policy layer, and then write exception rules in later policy layers.

2. Always order rules within a policy layer from the specific to the general.

When the ProxySG evaluates the rules in a policy layer, it stops as soon as it finds a rule that meets the conditions; it does not look at subsequent rules in the layer, but moves on to the next layer.