Any traffic going through the FortiADC appliance must be associated with a policy. Policies control the initial action FortiADC makes when a client initiates a connection: whether or not the traffic is allowed to pass through. FortiADC will consider policies for a match starting with the first policy, and continue until it has found a match. FortiADC can either:

The default action by the FortiADC appliance is Accept: Unless explicitly blocked by a matching firewall policy, connections will be allowed. If you want to apply a positive instead of a negative security model or vice versa, change the default action.

Before you can configure a firewall policy, you must first define the network service and source/destination addresses to which it will apply. (These objects cannot be defined on the fly.)

To configure firewall policies or the default action/security model, go to Firewall > Policy > Policy Config or, for IPv6, Firewall > Policy > Policy Config <IPv6).