{ "id": 1, "results": [ { "policyid": 1, "name": "EHR-App-Access", "uuid": "f1a0b1c2-1111-4000-8000-000000000001", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "DMZ"}], "srcaddr": [ {"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}, {"name": "172.16.11.0/24", "q_origin_key": "172.16.11.0/24"} ], "dstaddr": [ {"name": "10.50.1.10", "q_origin_key": "10.50.1.10"}, {"name": "10.50.1.11", "q_origin_key": "10.50.1.11"} ], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Clinical staff access to Epic EHR application servers", "pkts": 4582901, "nat": "enable", "vdom": "root" }, { "policyid": 2, "name": "EHR-DB-Replication", "uuid": "f1a0b1c2-2222-4000-8000-000000000002", "srcintf": [{"name": "DMZ"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "10.50.1.10", "q_origin_key": "10.50.1.10"}], "dstaddr": [{"name": "10.50.2.20", "q_origin_key": "10.50.2.20"}], "service": [{"name": "MySQL", "q_origin_key": "MySQL"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "EHR database replication - primary to standby", "pkts": 89201445, "nat": "disable", "vdom": "root" }, { "policyid": 3, "name": "VPN-Site-to-Site-HQ", "uuid": "f1a0b1c2-3333-4000-8000-000000000003", "srcintf": [{"name": "VPN-HQ"}], "dstintf": [{"name": "LAN"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "HQ VPN tunnel - full access for corporate IT", "pkts": 15823400, "nat": "disable", "vdom": "root" }, { "policyid": 4, "name": "VPN-Vendor-Support", "uuid": "f1a0b1c2-4444-4000-8000-000000000004", "srcintf": [{"name": "VPN-Vendors"}], "dstintf": [{"name": "DMZ"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "Vendor support VPN - opened during Epic go-live, never locked down", "pkts": 42, "nat": "disable", "vdom": "root" }, { "policyid": 5, "name": "VPN-RemotePhysicians", "uuid": "f1a0b1c2-5555-4000-8000-000000000005", "srcintf": [{"name": "VPN-Remote"}], "dstintf": [{"name": "LAN"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "utm", "comments": "Remote physician access - was supposed to be restricted to EHR only", "pkts": 992300, "nat": "disable", "vdom": "root" }, { "policyid": 6, "name": "VPN-OldPartner-UNUSED", "uuid": "f1a0b1c2-6666-4000-8000-000000000006", "srcintf": [{"name": "VPN-Partner"}], "dstintf": [{"name": "DMZ"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "", "pkts": 0, "nat": "disable", "vdom": "root" }, { "policyid": 7, "name": "DNS-Outbound", "uuid": "f1a0b1c2-7777-4000-8000-000000000007", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [ {"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}, {"name": "172.16.11.0/24", "q_origin_key": "172.16.11.0/24"}, {"name": "172.16.20.0/24", "q_origin_key": "172.16.20.0/24"} ], "dstaddr": [ {"name": "8.8.8.8", "q_origin_key": "8.8.8.8"}, {"name": "8.8.4.4", "q_origin_key": "8.8.4.4"} ], "service": [{"name": "DNS", "q_origin_key": "DNS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "DNS resolution to Google DNS", "pkts": 34560123, "nat": "enable", "vdom": "root" }, { "policyid": 8, "name": "Web-Browsing-Staff", "uuid": "f1a0b1c2-8888-4000-8000-000000000008", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [ {"name": "HTTP", "q_origin_key": "HTTP"}, {"name": "HTTPS", "q_origin_key": "HTTPS"} ], "action": "accept", "status": "enable", "logtraffic": "utm", "comments": "Staff internet browsing with UTM inspection", "pkts": 78231000, "nat": "enable", "vdom": "root" }, { "policyid": 9, "name": "RDP-to-EHR-External", "uuid": "f1a0b1c2-9999-4000-8000-000000000009", "srcintf": [{"name": "WAN"}], "dstintf": [{"name": "DMZ"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "10.50.1.10", "q_origin_key": "10.50.1.10"}], "service": [{"name": "RDP", "q_origin_key": "RDP"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "Remote desktop to EHR server - added for weekend maintenance", "pkts": 1823, "nat": "enable", "vdom": "root" }, { "policyid": 10, "name": "FTP-LabResults", "uuid": "f1a0b1c2-aaaa-4000-8000-000000000010", "srcintf": [{"name": "WAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "203.0.113.50", "q_origin_key": "203.0.113.50"}], "dstaddr": [{"name": "10.50.2.25", "q_origin_key": "10.50.2.25"}], "service": [{"name": "FTP", "q_origin_key": "FTP"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "Lab results upload from Quest Diagnostics - should migrate to SFTP", "pkts": 44820, "nat": "enable", "vdom": "root" }, { "policyid": 11, "name": "FTP-Legacy-Imaging", "uuid": "f1a0b1c2-bbbb-4000-8000-000000000011", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "172.16.20.0/24", "q_origin_key": "172.16.20.0/24"}], "dstaddr": [{"name": "10.50.2.30", "q_origin_key": "10.50.2.30"}], "service": [{"name": "FTP", "q_origin_key": "FTP"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "Radiology PACS imaging transfer - legacy protocol requirement", "pkts": 2305012, "nat": "disable", "vdom": "root" }, { "policyid": 12, "name": "SMTP-Outbound", "uuid": "f1a0b1c2-cccc-4000-8000-000000000012", "srcintf": [{"name": "Server-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.50.2.15", "q_origin_key": "10.50.2.15"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "SMTP", "q_origin_key": "SMTP"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Mail server outbound relay", "pkts": 5610400, "nat": "enable", "vdom": "root" }, { "policyid": 13, "name": "NTP-Sync", "uuid": "f1a0b1c2-dddd-4000-8000-000000000013", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [ {"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}, {"name": "10.50.1.0/24", "q_origin_key": "10.50.1.0/24"}, {"name": "10.50.2.0/24", "q_origin_key": "10.50.2.0/24"} ], "dstaddr": [{"name": "pool.ntp.org", "q_origin_key": "pool.ntp.org"}], "service": [{"name": "NTP", "q_origin_key": "NTP"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "NTP time synchronization", "pkts": 892100, "nat": "enable", "vdom": "root" }, { "policyid": 14, "name": "Printer-Access", "uuid": "f1a0b1c2-eeee-4000-8000-000000000014", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Printer-VLAN"}], "srcaddr": [ {"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}, {"name": "172.16.11.0/24", "q_origin_key": "172.16.11.0/24"} ], "dstaddr": [{"name": "172.16.30.0/24", "q_origin_key": "172.16.30.0/24"}], "service": [ {"name": "TCP-9100", "q_origin_key": "TCP-9100"}, {"name": "HTTP", "q_origin_key": "HTTP"} ], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "Network printing for clinical and admin staff", "pkts": 1250340, "nat": "disable", "vdom": "root" }, { "policyid": 15, "name": "Guest-WiFi-Internet", "uuid": "f1a0b1c2-ffff-4000-8000-000000000015", "srcintf": [{"name": "WiFi-Guest"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "192.168.100.0/24", "q_origin_key": "192.168.100.0/24"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [ {"name": "HTTP", "q_origin_key": "HTTP"}, {"name": "HTTPS", "q_origin_key": "HTTPS"}, {"name": "DNS", "q_origin_key": "DNS"} ], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Patient and visitor WiFi - internet only, no internal access", "pkts": 45203000, "nat": "enable", "vdom": "root" }, { "policyid": 16, "name": "Telnet-Legacy-Switch-Mgmt", "uuid": "f1a0b1c2-1010-4000-8000-000000000016", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Mgmt-VLAN"}], "srcaddr": [{"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}], "dstaddr": [{"name": "10.99.1.0/24", "q_origin_key": "10.99.1.0/24"}], "service": [{"name": "TELNET", "q_origin_key": "TELNET"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "Legacy switch management - planned for SSH migration Q2", "pkts": 890, "nat": "disable", "vdom": "root" }, { "policyid": 17, "name": "SNMP-Monitoring", "uuid": "f1a0b1c2-1111-4000-8000-000000000017", "srcintf": [{"name": "Mgmt-VLAN"}], "dstintf": [{"name": "LAN"}], "srcaddr": [{"name": "10.99.1.5", "q_origin_key": "10.99.1.5"}], "dstaddr": [{"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}], "service": [{"name": "SNMP", "q_origin_key": "SNMP"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "PRTG monitoring server polling workstations", "pkts": 14300200, "nat": "disable", "vdom": "root" }, { "policyid": 18, "name": "Backup-to-Cloud", "uuid": "f1a0b1c2-1212-4000-8000-000000000018", "srcintf": [{"name": "Server-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.50.2.0/24", "q_origin_key": "10.50.2.0/24"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Veeam cloud backup for server VLAN", "pkts": 29105600, "nat": "enable", "vdom": "root" }, { "policyid": 19, "name": "AD-Authentication", "uuid": "f1a0b1c2-1313-4000-8000-000000000019", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [ {"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}, {"name": "172.16.11.0/24", "q_origin_key": "172.16.11.0/24"}, {"name": "172.16.20.0/24", "q_origin_key": "172.16.20.0/24"} ], "dstaddr": [ {"name": "10.50.2.5", "q_origin_key": "10.50.2.5"}, {"name": "10.50.2.6", "q_origin_key": "10.50.2.6"} ], "service": [ {"name": "LDAP", "q_origin_key": "LDAP"}, {"name": "LDAPS", "q_origin_key": "LDAPS"}, {"name": "Kerberos", "q_origin_key": "Kerberos"} ], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Active Directory authentication and group policy", "pkts": 67201800, "nat": "disable", "vdom": "root" }, { "policyid": 20, "name": "DHCP-Relay", "uuid": "f1a0b1c2-1414-4000-8000-000000000020", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "172.16.0.0/16", "q_origin_key": "172.16.0.0/16"}], "dstaddr": [{"name": "10.50.2.5", "q_origin_key": "10.50.2.5"}], "service": [{"name": "DHCP", "q_origin_key": "DHCP"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "DHCP relay to domain controller", "pkts": 502300, "nat": "disable", "vdom": "root" }, { "policyid": 21, "name": "Syslog-Collection", "uuid": "f1a0b1c2-1515-4000-8000-000000000021", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [ {"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}, {"name": "172.16.20.0/24", "q_origin_key": "172.16.20.0/24"}, {"name": "10.99.1.0/24", "q_origin_key": "10.99.1.0/24"}, {"name": "10.50.1.0/24", "q_origin_key": "10.50.1.0/24"} ], "dstaddr": [{"name": "10.50.2.35", "q_origin_key": "10.50.2.35"}], "service": [{"name": "Syslog", "q_origin_key": "Syslog"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Centralized syslog collection for HIPAA audit trail", "pkts": 98210000, "nat": "disable", "vdom": "root" }, { "policyid": 22, "name": "Medical-Devices-Internet", "uuid": "f1a0b1c2-1616-4000-8000-000000000022", "srcintf": [{"name": "MedDevice-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "172.16.20.0/24", "q_origin_key": "172.16.20.0/24"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Medical device firmware updates and cloud telemetry", "pkts": 3210500, "nat": "enable", "vdom": "root" }, { "policyid": 23, "name": "temp-troubleshooting", "uuid": "f1a0b1c2-1717-4000-8000-000000000023", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "172.16.10.50", "q_origin_key": "172.16.10.50"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "temp - debug network issue for Dr. Martinez laptop", "pkts": 0, "nat": "enable", "vdom": "root" }, { "policyid": 24, "name": "test-rule", "uuid": "f1a0b1c2-1818-4000-8000-000000000024", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "172.16.10.100", "q_origin_key": "172.16.10.100"}], "dstaddr": [{"name": "10.50.2.0/24", "q_origin_key": "10.50.2.0/24"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "test", "pkts": 12, "nat": "disable", "vdom": "root" }, { "policyid": 25, "name": "HL7-Interface-Engine", "uuid": "f1a0b1c2-1919-4000-8000-000000000025", "srcintf": [{"name": "DMZ"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "10.50.1.10", "q_origin_key": "10.50.1.10"}], "dstaddr": [{"name": "10.50.2.40", "q_origin_key": "10.50.2.40"}], "service": [{"name": "TCP-2575", "q_origin_key": "TCP-2575"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "HL7 MLLP interface engine for lab and pharmacy integration", "pkts": 8920100, "nat": "disable", "vdom": "root" }, { "policyid": 26, "name": "Pharmacy-System", "uuid": "f1a0b1c2-2020-4000-8000-000000000026", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "172.16.11.0/24", "q_origin_key": "172.16.11.0/24"}], "dstaddr": [{"name": "10.50.2.45", "q_origin_key": "10.50.2.45"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Pharmacy dispensing system access", "pkts": 1920300, "nat": "disable", "vdom": "root" }, { "policyid": 27, "name": "Old-Citrix-Farm", "uuid": "f1a0b1c2-2121-4000-8000-000000000027", "srcintf": [{"name": "WAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "10.50.2.50", "q_origin_key": "10.50.2.50"}], "service": [ {"name": "TCP-1494", "q_origin_key": "TCP-1494"}, {"name": "TCP-2598", "q_origin_key": "TCP-2598"} ], "action": "accept", "status": "disable", "logtraffic": "disable", "comments": "Citrix XenApp farm - decommissioned Oct 2024", "pkts": 0, "nat": "enable", "vdom": "root" }, { "policyid": 28, "name": "Old-VoIP-SIP", "uuid": "f1a0b1c2-2222-4000-8000-000000000028", "srcintf": [{"name": "Voice-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "172.16.50.0/24", "q_origin_key": "172.16.50.0/24"}], "dstaddr": [{"name": "198.51.100.10", "q_origin_key": "198.51.100.10"}], "service": [ {"name": "SIP", "q_origin_key": "SIP"}, {"name": "TCP-5060", "q_origin_key": "TCP-5060"}, {"name": "UDP-10000-20000", "q_origin_key": "UDP-10000-20000"} ], "action": "accept", "status": "disable", "logtraffic": "disable", "comments": "Old SIP trunk - moved to Teams Phone in Jan 2025", "pkts": 0, "nat": "enable", "vdom": "root" }, { "policyid": 29, "name": "Imaging-DICOM", "uuid": "f1a0b1c2-2323-4000-8000-000000000029", "srcintf": [{"name": "MedDevice-VLAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [ {"name": "172.16.20.10", "q_origin_key": "172.16.20.10"}, {"name": "172.16.20.11", "q_origin_key": "172.16.20.11"}, {"name": "172.16.20.12", "q_origin_key": "172.16.20.12"} ], "dstaddr": [{"name": "10.50.2.30", "q_origin_key": "10.50.2.30"}], "service": [{"name": "TCP-104", "q_origin_key": "TCP-104"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "DICOM imaging from CT/MRI/X-ray to PACS server", "pkts": 45012300, "nat": "disable", "vdom": "root" }, { "policyid": 30, "name": "Wireless-to-Servers", "uuid": "f1a0b1c2-2424-4000-8000-000000000030", "srcintf": [{"name": "WiFi-Staff"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "192.168.10.0/24", "q_origin_key": "192.168.10.0/24"}], "dstaddr": [{"name": "10.50.2.0/24", "q_origin_key": "10.50.2.0/24"}], "service": [ {"name": "HTTP", "q_origin_key": "HTTP"}, {"name": "HTTPS", "q_origin_key": "HTTPS"}, {"name": "RDP", "q_origin_key": "RDP"} ], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "", "pkts": 5502100, "nat": "disable", "vdom": "root" }, { "policyid": 31, "name": "Mgmt-SSH", "uuid": "f1a0b1c2-2525-4000-8000-000000000031", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Mgmt-VLAN"}], "srcaddr": [{"name": "172.16.10.5", "q_origin_key": "172.16.10.5"}], "dstaddr": [{"name": "10.99.1.0/24", "q_origin_key": "10.99.1.0/24"}], "service": [{"name": "SSH", "q_origin_key": "SSH"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "IT admin SSH to network devices", "pkts": 1890200, "nat": "disable", "vdom": "root" }, { "policyid": 32, "name": "Mgmt-HTTPS-FortiGate", "uuid": "f1a0b1c2-2626-4000-8000-000000000032", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "Mgmt-VLAN"}], "srcaddr": [{"name": "172.16.10.5", "q_origin_key": "172.16.10.5"}], "dstaddr": [{"name": "10.99.1.1", "q_origin_key": "10.99.1.1"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "FortiGate management access from IT admin workstation", "pkts": 430500, "nat": "disable", "vdom": "root" }, { "policyid": 33, "name": "PatientPortal-Inbound", "uuid": "f1a0b1c2-2727-4000-8000-000000000033", "srcintf": [{"name": "WAN"}], "dstintf": [{"name": "DMZ"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "10.50.1.15", "q_origin_key": "10.50.1.15"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Patient portal web application - public facing", "pkts": 18920100, "nat": "enable", "vdom": "root" }, { "policyid": 34, "name": "VPN-SSL-Portal", "uuid": "f1a0b1c2-2828-4000-8000-000000000034", "srcintf": [{"name": "WAN"}], "dstintf": [{"name": "LAN"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "10.99.1.1", "q_origin_key": "10.99.1.1"}], "service": [{"name": "TCP-10443", "q_origin_key": "TCP-10443"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "SSL VPN portal login page", "pkts": 892100, "nat": "enable", "vdom": "root" }, { "policyid": 35, "name": "Clearinghouse-EDI", "uuid": "f1a0b1c2-2929-4000-8000-000000000035", "srcintf": [{"name": "Server-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.50.2.15", "q_origin_key": "10.50.2.15"}], "dstaddr": [ {"name": "198.51.100.20", "q_origin_key": "198.51.100.20"}, {"name": "198.51.100.21", "q_origin_key": "198.51.100.21"} ], "service": [ {"name": "HTTPS", "q_origin_key": "HTTPS"}, {"name": "SFTP", "q_origin_key": "SFTP"} ], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Insurance claims EDI to Availity clearinghouse", "pkts": 3201500, "nat": "enable", "vdom": "root" }, { "policyid": 36, "name": "MedDevice-to-Internet", "uuid": "f1a0b1c2-3030-4000-8000-000000000036", "srcintf": [{"name": "MedDevice-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "172.16.20.0/24", "q_origin_key": "172.16.20.0/24"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "", "pkts": 890100, "nat": "enable", "vdom": "root" }, { "policyid": 37, "name": "Badge-System", "uuid": "f1a0b1c2-3131-4000-8000-000000000037", "srcintf": [{"name": "Security-VLAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "172.16.40.0/24", "q_origin_key": "172.16.40.0/24"}], "dstaddr": [{"name": "10.50.2.55", "q_origin_key": "10.50.2.55"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Badge reader access control system", "pkts": 2105000, "nat": "disable", "vdom": "root" }, { "policyid": 38, "name": "Camera-NVR", "uuid": "f1a0b1c2-3232-4000-8000-000000000038", "srcintf": [{"name": "Security-VLAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "172.16.40.0/24", "q_origin_key": "172.16.40.0/24"}], "dstaddr": [{"name": "10.50.2.56", "q_origin_key": "10.50.2.56"}], "service": [{"name": "RTSP", "q_origin_key": "RTSP"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "IP cameras to NVR recording server", "pkts": 789210000, "nat": "disable", "vdom": "root" }, { "policyid": 39, "name": "Windows-Updates", "uuid": "f1a0b1c2-3333-4000-8000-000000000039", "srcintf": [{"name": "Server-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.50.2.5", "q_origin_key": "10.50.2.5"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [ {"name": "HTTP", "q_origin_key": "HTTP"}, {"name": "HTTPS", "q_origin_key": "HTTPS"} ], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "WSUS server fetching Microsoft updates", "pkts": 12901500, "nat": "enable", "vdom": "root" }, { "policyid": 40, "name": "FortiGuard-Updates", "uuid": "f1a0b1c2-3434-4000-8000-000000000040", "srcintf": [{"name": "Mgmt-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.99.1.1", "q_origin_key": "10.99.1.1"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [ {"name": "HTTPS", "q_origin_key": "HTTPS"}, {"name": "TCP-8888", "q_origin_key": "TCP-8888"} ], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "FortiGuard antivirus and IPS signature updates", "pkts": 5610200, "nat": "enable", "vdom": "root" }, { "policyid": 41, "name": "Old-Remote-Worker-Jenkins", "uuid": "f1a0b1c2-3535-4000-8000-000000000041", "srcintf": [{"name": "VPN-Remote"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "10.200.0.25", "q_origin_key": "10.200.0.25"}], "dstaddr": [{"name": "10.50.2.60", "q_origin_key": "10.50.2.60"}], "service": [{"name": "TCP-8080", "q_origin_key": "TCP-8080"}], "action": "accept", "status": "disable", "logtraffic": "disable", "comments": "Sarah Jenkins remote access - terminated Aug 2024", "pkts": 0, "nat": "disable", "vdom": "root" }, { "policyid": 42, "name": "Old-Remote-Worker-Patel", "uuid": "f1a0b1c2-3636-4000-8000-000000000042", "srcintf": [{"name": "VPN-Remote"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [{"name": "10.200.0.30", "q_origin_key": "10.200.0.30"}], "dstaddr": [{"name": "10.50.2.60", "q_origin_key": "10.50.2.60"}], "service": [{"name": "TCP-8080", "q_origin_key": "TCP-8080"}], "action": "accept", "status": "disable", "logtraffic": "disable", "comments": "", "pkts": 0, "nat": "disable", "vdom": "root" }, { "policyid": 43, "name": "Voice-to-LAN", "uuid": "f1a0b1c2-3737-4000-8000-000000000043", "srcintf": [{"name": "Voice-VLAN"}], "dstintf": [{"name": "LAN"}], "srcaddr": [{"name": "172.16.50.0/24", "q_origin_key": "172.16.50.0/24"}], "dstaddr": [{"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}], "service": [ {"name": "SIP", "q_origin_key": "SIP"}, {"name": "UDP-10000-20000", "q_origin_key": "UDP-10000-20000"} ], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "Teams phone system - softphone clients", "pkts": 34201000, "nat": "disable", "vdom": "root" }, { "policyid": 44, "name": "Lab-Instrument-Upload", "uuid": "f1a0b1c2-3838-4000-8000-000000000044", "srcintf": [{"name": "MedDevice-VLAN"}], "dstintf": [{"name": "Server-VLAN"}], "srcaddr": [ {"name": "172.16.20.20", "q_origin_key": "172.16.20.20"}, {"name": "172.16.20.21", "q_origin_key": "172.16.20.21"} ], "dstaddr": [{"name": "10.50.2.40", "q_origin_key": "10.50.2.40"}], "service": [{"name": "TCP-2575", "q_origin_key": "TCP-2575"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Lab instrument results upload via HL7", "pkts": 1520300, "nat": "disable", "vdom": "root" }, { "policyid": 45, "name": "E-Prescribing", "uuid": "f1a0b1c2-3939-4000-8000-000000000045", "srcintf": [{"name": "Server-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.50.2.45", "q_origin_key": "10.50.2.45"}], "dstaddr": [{"name": "198.51.100.30", "q_origin_key": "198.51.100.30"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "Surescripts e-prescribing gateway", "pkts": 4320100, "nat": "enable", "vdom": "root" }, { "policyid": 46, "name": "Admin-Broad-Access", "uuid": "f1a0b1c2-4040-4000-8000-000000000046", "srcintf": [{"name": "LAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "172.16.10.0/24", "q_origin_key": "172.16.10.0/24"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "accept", "status": "enable", "logtraffic": "disable", "comments": "", "pkts": 23201500, "nat": "enable", "vdom": "root" }, { "policyid": 47, "name": "Fax-Server", "uuid": "f1a0b1c2-4141-4000-8000-000000000047", "srcintf": [{"name": "Server-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.50.2.65", "q_origin_key": "10.50.2.65"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [ {"name": "SIP", "q_origin_key": "SIP"}, {"name": "TCP-5060", "q_origin_key": "TCP-5060"}, {"name": "UDP-10000-20000", "q_origin_key": "UDP-10000-20000"} ], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "eFax cloud service for referral documents", "pkts": 890400, "nat": "enable", "vdom": "root" }, { "policyid": 48, "name": "Antivirus-Updates", "uuid": "f1a0b1c2-4242-4000-8000-000000000048", "srcintf": [{"name": "Server-VLAN"}], "dstintf": [{"name": "WAN"}], "srcaddr": [{"name": "10.50.2.5", "q_origin_key": "10.50.2.5"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "HTTPS", "q_origin_key": "HTTPS"}], "action": "accept", "status": "enable", "logtraffic": "all", "comments": "CrowdStrike Falcon sensor updates", "pkts": 7810200, "nat": "enable", "vdom": "root" }, { "policyid": 49, "name": "Deny-Guest-to-Internal", "uuid": "f1a0b1c2-4343-4000-8000-000000000049", "srcintf": [{"name": "WiFi-Guest"}], "dstintf": [{"name": "LAN"}], "srcaddr": [{"name": "192.168.100.0/24", "q_origin_key": "192.168.100.0/24"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "deny", "status": "enable", "logtraffic": "all", "comments": "Block guest WiFi from reaching internal networks", "pkts": 105200, "nat": "disable", "vdom": "root" }, { "policyid": 50, "name": "Default-Deny-All", "uuid": "f1a0b1c2-4444-4000-8000-000000000050", "srcintf": [{"name": "any"}], "dstintf": [{"name": "any"}], "srcaddr": [{"name": "all", "q_origin_key": "all"}], "dstaddr": [{"name": "all", "q_origin_key": "all"}], "service": [{"name": "ALL", "q_origin_key": "ALL"}], "action": "deny", "status": "enable", "logtraffic": "all", "comments": "Default deny - catch all unmatched traffic", "pkts": 8920150, "nat": "disable", "vdom": "root" } ] }