: Create Security Policy Rules
Focus
Focus

Create Security Policy Rules

Table of Contents

Create Security Policy Rules

Create security policy rules on the firewall to control traffic flow between EPGs in Cisco ACI.
Create security policy rules to control the traffic moving between your EPGs. By default, the firewall allows all intrazone traffic. Therefore, because the EPGs are in the same zone, all between those EPGs is allowed. Before creating a new rules, you will change the default intrazone rule from allow to deny.
  1. Select PoliciesSecurity.
  2. Click on intrazone-default to highlight the row and click Override.
  3. Select the Action tab.
  4. Select Deny from the Action drop-down.
  5. Click OK.
  6. Configure additional security policy rules based on your needs using the address objects and zone you created for your EPG.