Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Reorder a Security Policy Rule

The security policy applies the security rules to the transit traffic within a context (from-zone to to-zone). The action of the first rule that matches the traffic is applied to the packet. If there is no matching rules, the packet is dropped. The rules are matched from top to bottom, so it is a good idea to place more specific rules near the top of the list.

For example, a security policy P1 is configured from untrust zone to trust zone with two rules rule Rule-a and Rule-b respectively. If you select Rule-a and move it to the bottom, Juniper Security Director Cloud generates a command to push the Rule-b to first place in the device.

Steps to move security policy rule order:

  1. Select SRX > Security Policy > SRX Policy.
    The Security Policy page appears, displaying the list of security policies.
  2. Click the security policy that you want to edit.
    The security policy page is displayed with a list of rules.
  3. Select the rule to be reordered.
  4. Click More, and select any of the following options to change the rule ordering.
    • Move Top

    • Move Up

    • Move Down

    • Move Bottom

    The modified rule order is displayed on the Security Policy page.
  5. Preview and deploy the security policy with the reordered rules. For details, see Deploy Security Policies