I have created a firewall policy with the goal of whitelisting network traffic and the applications associated with the traffic. I am using a "Permit all TCP" and "Permit all UDP" before the explicit "Block all traffic" rule so that I can monitor and review firewall rules and not restrict myself from other services.
Is there any reason why traffic from BlueCoat Client to 80/TCP would not be handled by the rule shown in the screenshhot. My firewall logs show the BlueCoat Client traffic being handled by the "Allow All TCP" which is far lower down on the rule stack as opposed to the FW rule to permit BlueCoat Client traffic out-bound?
Solved! Go to Solution.