User's Manual Part 2

Using Rules

214 Check Point Safe@Office User Guide

Rule Description

Allow This rule type enables you to do the following:

• Permit outgoing access from your internal network to a specific

service on the Internet.

Note: You can allow outgoing connections for services that are not

permitted by the default security policy.

• Permit incoming access from the Internet to a specific service in

your internal network.

• Assign traffic to a QoS class.

If Traffic Shaper is enabled for the direction of traffic specified in the

rule (incoming or outgoing), then Traffic Shaper will handle relevant

connections as specified in the bandwidth policy for the selected

QoS class. For example, if Traffic Shaper is enabled for outgoing

traffic, and you create an Allow rule associating all outgoing Web

traffic with the Urgent QoS class, then Traffic Shaper will handle

outgoing Web traffic as specified in the bandwidth policy for the

Urgent class.

For information on Traffic Shaper and QoS classes, see Using

Traffic Shaper on page 153.

Note: You cannot use an Allow rule to permit incoming traffic, if the network or

VPN uses Hide NAT. However, you can use Allow rules for static NAT IP

addresses.

Block This rule type enables you to do the following:

• Block outgoing access from your internal network to a specific

service on the Internet.

• Block incoming access from the Internet to a specific service in your

internal network.