Overview of Creating a Firewall

Learn how to create a firewall in the Network Firewall service.

1. Create a firewall policy

Create a firewall policy to contain firewall policy rules. These rules deny or allow connections to your virtual cloud network.

To create a firewall policy, see Create a Firewall Policy.

2. Create firewall policy rules

Create firewall policy rules to control how the firewall policy inspects, allows, or denies network traffic. You can create decryption, security, and tunnel inspection rules. To help you build rules, create firewall policy components, such as firewall policy lists and decryption profiles. Firewall policy lists are groups of applications, services, URLs, and addresses. Decryption profiles, along with mapped secrets, define rule actions in decryption rules. Decryption rules are enforced before security rules.

If you don't create firewall policy rules in a firewall policy, then any firewall you associate it with will deny all traffic.

To create firewall policy rules, see Firewall Policy Rules.

3. Create a firewall

Create a firewall in a virtual cloud network subnet to control incoming and outgoing network traffic. When you create a firewall, you'll select a firewall policy to associate with it. However, if you associate a firewall policy without any firewall policy rules, the firewall will deny all traffic.

To create a firewall, see Create a Firewall.

4. Route network traffic to the firewall

After the firewall is created, route traffic to it.

For routing scenarios, see Routing Network Traffic to a Firewall.
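
The following is an added example, not code from the Network Firewall service or its documentation: a small offline model of the rule order described above (decryption rules before security rules, and a policy without rules denying everything), with a preflight check to run before associating a policy with a firewall. The dictionary field names, first-match ordering, the deny result when rules exist but none match, and all sample data are assumptions made for this illustration and are not the service's API schema.

```python
import ipaddress

def in_list(policy, name, ip):
    """True when ip falls inside any CIDR of the named address list."""
    if name is None:  # the rule does not constrain this field
        return True
    cidrs = policy["address_lists"].get(name, [])
    return any(ipaddress.ip_address(ip) in ipaddress.ip_network(c) for c in cidrs)

def matches(policy, rule, conn):
    return (in_list(policy, rule.get("source"), conn["src"])
            and in_list(policy, rule.get("destination"), conn["dst"]))

def evaluate(policy, conn):
    """Return (decryption_profile, verdict, matching_security_rule)."""
    # Stage 1: decryption rules are enforced before security rules.
    profile = next((r["profile"] for r in policy["decryption_rules"]
                    if matches(policy, r, conn)), None)
    # Stage 2 (assumption: the first matching security rule decides).
    for rule in policy["security_rules"]:
        if matches(policy, rule, conn):
            return profile, rule["action"], rule["name"]
    # A policy with no rules denies all traffic; this model also assumes
    # deny when rules exist but none match.
    return profile, "DENY", None

def preflight(policy):
    """Findings to resolve before associating the policy with a firewall."""
    findings = []
    if not policy["security_rules"]:
        findings.append("no security rules: firewall will deny all traffic")
    for rule in policy["decryption_rules"] + policy["security_rules"]:
        for field in ("source", "destination"):
            name = rule.get(field)
            if name is not None and name not in policy["address_lists"]:
                findings.append(f"{rule['name']}: unknown address list {name!r}")
    return findings

# Constructed sample data (hypothetical names and documentation address ranges).
EMPTY_POLICY = {"address_lists": {}, "decryption_rules": [], "security_rules": []}
WEB_POLICY = {
    "address_lists": {"web-subnet": ["10.0.1.0/24"], "admins": ["192.0.2.0/28"]},
    "decryption_rules": [
        {"name": "decrypt-web", "destination": "web-subnet", "profile": "inbound-tls"}],
    "security_rules": [
        {"name": "allow-admins", "source": "admins",
         "destination": "web-subnet", "action": "ALLOW"},
        {"name": "typo-rule", "source": "admin", "action": "ALLOW"}],
}
CONN = {"src": "192.0.2.5", "dst": "10.0.1.20"}
```

Running `preflight` on a policy definition before step 3 surfaces the empty-policy case and misspelled list references while they are still cheap to fix, rather than after traffic has been routed to the firewall.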