Access Rules
The Access Rules window, shown in Figure 15-8, gives the security administrator a place to
add or modify an access-list rule for the Security Appliance. This window combines the
concepts of access lists, outbound lists, and conduits to describe how a specific host or
network interacts with another host or network to permit or deny a specific service and/or
protocol. Clicking the Add or Edit button will open a new window, shown in Figure 15-8,
which will allow you to configure or modify an access rule. The options available in this
window are the same as if you are configuring an access-list rules statement from the CLI,
including source and destination classifications, as well as source and destination ports.
Access rules are listed in sequential order and are applied in the order in which they appear
on the Access Rules tab. This is the order in which the PIX Firewall evaluates them. An
implicit, unwritten rule denies all traffic that is not permitted. If traffic is not explicitly
permitted by an access rule, it is denied. Additionally, the window displays a diagram that
helps the security administrator understand how the new rule will be applied on the Security
Appliance.