A network administrator is reviewing firewall policies in both Interface Pair View and By Sequence View. The policies appear in a different order in each view. Why is the policy order different in these two views?
In FortiOS 7.6, firewall policies can be displayed in multiple views to help administrators understand and manage rules more effectively. The difference in ordering between Interface Pair View and By Sequence View is intentional and documented.
Why the policy order is different
Interface Pair View
Groups firewall policies based on the incoming (From) and outgoing (To) interfaces.
Policies are organized under interface pairs such as:
LAN WAN
WAN LAN
Within each interface pair, policies may appear reordered compared to the global list.
This view is designed for readability and troubleshooting, not to show execution order.
By Sequence View
Displays firewall policies in their actual evaluation (processing) order.
This is the top-down order FortiGate uses when matching traffic.
It reflects the real rule sequence that determines which policy is hit first.
Why option C is correct
C . Interface Pair View sorts policies based on matching interfaces, while By Sequence View shows the actual processing order of rules.
This statement exactly matches FortiOS behavior as documented in the FortiOS 7.6 Firewall Policy Views section of the Administrator Guide.
Why the other options are incorrect
A: Interface Pair View does not follow traffic logs, and By Sequence View is not based on ''rule priority'' grouping.
B: FortiGate does not dynamically reorder policies based on traffic patterns.
D: Security levels do not affect policy ordering in Interface Pair View.
Currently there are no comments in this discussion, be the first to comment!