Default firewall settings apply to traffic that does not match any of the user-defined firewall rules. The default firewall rule for Trust Groups is displayed on the centralized firewall user interface, and the default rule for each edge gateway is displayed at the edge gateway level.

The default Trust Group rule allows all L3 and L2 traffic to pass through all prepared clusters in your infrastructure. The default rule is always at the bottom of the rules table and cannot be deleted or added to. However, you can change the Action element of the rule from Allow to Block or Reject, add comments for the rule, and indicate whether traffic for that rule should be logged.


Configuring the firewall to establish Trust Groups is possible only when you have the vCloud Air Dedicated Cloud subscription service.