Need policy action as DENY
Bug #1496504 reported by
Biju Varghese
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Group Based Policy |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
Deny action is needed for the policy action along with Allow.
There can be a requirement to deny specific set of ports from a range of allowed ports.
In ACI , we also have taboo which is deny.
To post a comment you must log in.
GBP follows a while-list based model where-in everything is denied by default and you open up connectivity as required. In this model explicit deny is not required. I believe you are making a case for specifying exceptions in cases when connectivity is explicitly opened.