By default, the adaptive security appliance denies all traffic coming in from the public network. To permit traffic coming from the Internet to access the DMZ web server, you must configure an access control rule permitting incoming HTTP traffic destined for the DMZ web server.
This access control rule specifies the interface of the adaptive security appliance that processes the traffic, that the traffic is incoming, the origin and destination of the traffic, and the type of traffic protocol and service to be permitted.
In this section, you create an access rule that permits incoming HTTP traffic originating from any host or network on the Internet, if the destination of the traffic is the web server on the DMZ network. All other traffic coming in from the public network is denied.