What does the Allow, Deny & Discard do on an Access Rule?
07/25/2022
Description
This article explains the three Actions (Allow, Deny and Discard) available on an Access Rule and what the firewall does when each one is applied.
Resolution
Firewall rules are, in general, built on the concept of Implicit Deny: unless a rule explicitly permits a communication to transit the firewall, the default answer is No (Deny). For that reason the majority of Access Rules tend to be Allow rules. The firewall evaluates a communication, inbound or outbound, against the Access Rules from the highest priority to the lowest, and the first rule whose conditions all match is the one that is executed; no later rule is consulted. Allow, Deny and Discard are the actions the firewall takes for a communication that meets the conditions of a particular Access Rule. If a communication arrives and no Access Rule matches it, the firewall drops it. Because evaluation is first-match, rule order is itself a security control: a broad Allow placed above a narrower Deny defeats that Deny, because the Allow matches first.
(Image: Gen7 Add access rule dialog box)
Allow – This means that the firewall will permit the communication to continue through the firewall to its destination.
NOTE: When creating a new access rule, the default Action on your firewall is set to Allow.
(Image: Gen6 Add access rule dialog box)
Deny – When a communication matches the conditions of an Access Rule with the Deny action, it is not permitted to proceed: the firewall drops the communication and sends a RST (reset) packet back to the originating device, which ends the communication. The RST tells the originator that the connection has been closed (a RST is a TCP segment, so this behaviour as described applies to TCP connections). Under most circumstances you should not have to write a Deny rule, because deny is already the default for traffic that matches no Allow rule. The usual reason to write one is to create an exception above a broader Allow rule, since the first matching rule wins: for example, a Deny for one source subnet placed above an Allow for everyone else.
NOTE: Be advised that the RST packet is a normal part of TCP communications and is not unique to the SonicWall.
Discard – Much like Deny, this option stops and drops the communication, but the firewall does not send a RST packet. Because nothing goes back, the originator gets no confirmation that any device exists at the IP address it is trying to reach; even if it suspects that a security function is stopping it, it cannot know for sure. In practice a TCP client will keep retransmitting its SYN until it times out, so a Discard shows up at the originator as a connection timeout rather than a "connection refused". This is essentially Stealth Mode applied at the Access Rule level.
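To make the first-match evaluation and the three actions concrete, the following is an added example written for this page; it is not SonicWall code and not part of the original article. It models a rule base in Python with the three actions exactly as described above, and goes one step further by showing the ordering mistake the article warns about (a Deny demoted below a broader Allow). The Rule, Packet and Verdict classes, the rule names, and the addresses and ports are all constructed for illustration.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Hypothetical model of first-match Access Rule evaluation with the three
# actions from the article. Illustrative code only, not SonicWall's own logic.
ALLOW, DENY, DISCARD = "Allow", "Deny", "Discard"


@dataclass(frozen=True)
class Rule:
    priority: int          # lower number = higher priority, evaluated first
    name: str
    source: str            # CIDR; "0.0.0.0/0" means any source
    dest: str              # CIDR
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # None = any destination port
    action: str            # ALLOW, DENY or DISCARD


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int


@dataclass(frozen=True)
class Verdict:
    forwarded: bool        # True only for Allow
    rst_sent: bool         # True only for Deny on TCP
    rule: Optional[str]    # name of the matching rule; None = implicit deny


def matches(rule: Rule, pkt: Packet) -> bool:
    """Every condition on the rule must hold for the rule to match."""
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    return (ip_address(pkt.src) in ip_network(rule.source)
            and ip_address(pkt.dst) in ip_network(rule.dest))


def evaluate(rules: List[Rule], pkt: Packet) -> Verdict:
    """Highest priority first; the first matching rule is executed and nothing
    after it is consulted. No match at all is the implicit deny (silent drop)."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if not matches(rule, pkt):
            continue
        if rule.action == ALLOW:
            return Verdict(True, False, rule.name)
        if rule.action == DENY:
            # A RST is a TCP segment. Assumption: nothing is modelled here for
            # other protocols, because the article only describes the TCP case.
            return Verdict(False, pkt.proto == "tcp", rule.name)
        return Verdict(False, False, rule.name)   # DISCARD: drop, no RST
    return Verdict(False, False, None)            # implicit deny


# Constructed rule base: a narrow Deny sits *above* the broad Allow so that one
# abusive subnet loses SSH while everyone else keeps it; RDP to one host is
# discarded so that scanners get no response at all.
RULES = [
    Rule(1, "block-bad-net-ssh", "203.0.113.0/24", "10.0.0.0/8", "tcp", 22, DENY),
    Rule(2, "allow-ssh", "0.0.0.0/0", "10.0.0.0/8", "tcp", 22, ALLOW),
    Rule(3, "stealth-rdp", "0.0.0.0/0", "10.0.0.5/32", "tcp", 3389, DISCARD),
]

# The same rules with the Deny demoted below the Allow: first match now lets
# the abusive subnet through, which is the ordering mistake described above.
_SWAP = {"block-bad-net-ssh": 2, "allow-ssh": 1}
MISORDERED = [replace(r, priority=_SWAP.get(r.name, r.priority)) for r in RULES]

# Constructed sample traffic (documentation ranges, not real hosts).
SAMPLES = {
    "ssh from a normal host":   Packet("198.51.100.7", "10.0.0.5", "tcp", 22),
    "ssh from the bad subnet":  Packet("203.0.113.9", "10.0.0.5", "tcp", 22),
    "rdp probe":                Packet("198.51.100.7", "10.0.0.5", "tcp", 3389),
    "https, no rule at all":    Packet("198.51.100.7", "10.0.0.5", "tcp", 443),
    "udp/22 from bad subnet":   Packet("203.0.113.9", "10.0.0.5", "udp", 22),
}


def run(rules: List[Rule]) -> dict:
    """Evaluate every sample packet against a rule base."""
    return {label: evaluate(rules, pkt) for label, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for title, base in (("correct order", RULES), ("misordered", MISORDERED)):
        print(f"== {title} ==")
        for label, v in run(base).items():
            outcome = "forwarded" if v.forwarded else ("dropped + RST" if v.rst_sent else "dropped silently")
            print(f"{label:28s} -> {outcome:18s} via {v.rule or 'implicit deny'}")
```

Running it shows the bad subnet's SSH attempt getting a RST under the correct order and being forwarded under the misordered base, the RDP probe and the unmatched HTTPS request both dropped with no reply, and the UDP packet falling through to the implicit deny because none of the rules match its protocol.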