The firewall can be enabled on a per-location basis.

Before Enabling the Firewall

1. Ensure you have configured the following policy resources:
   • Users, Groups, Departments, Locations, and Sub-locations for your firewall policies
   • Time Intervals
   • Network Applications. You can create network application groups as needed.
   • Network Services. You can modify network services to edit services, add custom services, and create groups.
   • Source and Destination IPv4 Address Groups
   • IPv6 Configuration
2. Ensure you have defined the necessary rules for each policy:
   • Firewall Filtering Policy
   • NAT Control Policy
   • DNS Control Policy
   • IPS Control Policy
3. If your organization uses non-standard ports for HTTP, HTTPS, DNS, FTP, RTSP, or PPTP traffic, ensure you have configured the service to use custom ports for these services.

Enabling the Firewall for a Location

To enable the firewall for a location:

1. Go to Infrastructure > Internet & SaaS > Traffic Forwarding > Location Management > Location.

2. Click the Edit icon next to the location you want to enable.

   See image.

   

   Close

3. Select Enforce Firewall Control to enable the service's firewall controls.

4. Select Enable IPS Control to enable the service's IPS controls. (Available with the Advanced Firewall subscription).

   See image.

   

   Close

5. Click Save and activate the change.