Policies are evaluated in the order that they appear on the Policies > Configuration page. Symantec Web Gateway evaluates the policy at the top of the page first. If more than one policy applies to the same computer, only the rules in the first matching policy determine what action to take. Symantec Web Gateway ignores the policies after the matching policy.
Assume that you define a policy for malware that applies to subnet 192.168.0.0 and a separate policy for malware that applies to VLAN ID 2. If a computer on VLAN 2 using IP address 192.168.0.5 encounters malware, only the first matching policy determines the action to take.
Adjusting the precedence is usually only necessary if you mix policy workgroups of different network types. If you consistently use subnet, IP range, or VLAN ID to define all of your workgroups , new policies are inserted in the correct order. If you use workgroups of different network types in your policies, ensure that the policies are ordered as you want. Precedence is also necessary in the case of conflicting or overlapping policies of the same network type.
You can also change the order of Spyware Category, Spyware Severity, and Detection Type within a policy.
To configure policy precedence order
In the Web GUI, click Policies > Configuration.
Click an arrow symbol next to a policy to move up the policy or move down a policy.
Repeat this process for other policies until the policies are the order that you want.
Click Save and Activate Changes.
Imported Document ID: HOWTO54159
Subscribing will provide email updates when this Article is updated. Login is required.