# neuvector-security
a
q
Network rules are matched in order. Also, rules are prioritized by Federated, CRD, learned, and user created, in that order.
👍 2
Not sure if that answers your question. 🙂
f
One specific question that I have is if a certain network call is to match two deny rules, would it only fire the first one in order and stop? As per my observations, it was so and I am curious to know why would it not evaluate further into the rest of the rules.
q
Once a condition is a match, and denies on that match, the task is done. 😉
This is generally accepted practice on things like firewalls.
👍 1
This is a bit of an aside, and also different situations require different application, but it’s generally a best practice to try to employ explicit `allow` rules and let the implicit `deny` handle the rest.
f
Agreed and yes, this was a different situation where we had to explicitly define some deny rules to catch a culprit making some malicious calls 🙂
🦜 1
m
@quaint-candle-18606 Does this apply to other rule types as well? Regarding order and prioritization.