Implicit deny policy is the "default policy" configured on the system by default. You cannot edit/modify this. This policy will drop the traffic that is not matching any other policies configured by you/firewall-admin.
All the firewall policies that are configured by you/firewall-admin called the explicit policy and they are placed above the implicit deny policy. Policy match happens from top to bottom in other words the explicit policies are checked first and if there are no match traffic will hit the implicit deny policy on the bottom.
I hope this helps.
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.