I have some terminal servers in their own OUs inheriting firewall rules from a parent OU. Remote desktop access through port 3389 is allowed from VLANs A, B and C. I have one server that I want to allow access only from B and C. I've created a policy for that server that only allows access from B and C, but I realized VLAN A can still get in because the rules are cumulative (I know - duh).
Should I just create another rule in that policy to block traffic from VLAN A, or is there a better way to do this?
Thanks.