rule base

In the context of a computer server acting as a firewall, a rule base is a set of rules that govern what is and what is not allowed through the firewall. A rule base can work in one of two ways: it can either explicitly assume that all traffic is allowed unless there is a rule to prevent it, or, more typically, it can assume that no traffic may flow through it unless there is an explicit rule to allow it. Rule bases usually work on a top-down principle in which the first rule in the list is acted upon first, so that traffic allowed by the first rule, will never be judged by the remainder of the rules. Rule bases typically have the format of SOURCE / DESTINATION / SERVICE / ACTION.

This was last updated in April 2007

Dig Deeper on Network Security Monitoring and Analysis