Firewall rules are applied in the order in which they exist in the rule table.

Rules are displayed (and enforced) in the following order:

1

User-defined pre rules have the highest priority and are enforced in top-to-bottom ordering with a per-virtual NIC level precedence.

2

Auto-plumbed rules.

3

Local rules defined at an NSX Edge level.

4

Service Composer rules - a separate section for each policy. You cannot edit these rules in the Firewall table, but you can add rules at the top of a security policy firewall rules section. If you do so, you must re-synchronize the rules in Service Composer. For more information, see Service Composer.

5

Default Distributed Firewall rule

You can move a custom rule up or down in the table. The default rule is always at the bottom of the table and cannot be moved.

1

In the Firewall tab, select the rule that you want to move.

2

Click the Move rule up (move up) or Move rule down (move down) icon.

3

Click Publish Changes.