Relationship and differences between the service-manage command and the security policy of an interface

The service-manage command is used to allow or reject the administrator to access the firewall using HTTP, HTTPS, Ping, SSH, SNMP, and Telnet.
The security policy is used to control the traffic forwarding and integrated traffic content detection of the firewall.
After you enable the access management function for an interface, the administrator can manage the firewall over this interface even if the security policy for the zone where the interface resides and the local zone is not enabled.
By default, the management interface (GE0/0/0) allows the administrator to access the firewall using the HTTP, HTTPS, Ping, SSH, SNMP, and Telnet, and the non-management interface does not allow the administrator to access the firewall using these protocols.
Note: If you need to control the access permissions of the firewall based on source IP addresses, you can disable the access control (using the undo service-manage enable command) and then configure the security policy to control the source IP address.

Scroll to top