Access Rules are a ruleset within the NGFW to allow or block traffic specifically destined to the NGFW itself. They are located at Config > Network > Advanced > Access Rules. We discourage the creation of rules here as they can be a huge security risk, specifically if the NGFW is your gateway device. The default rules cannot be modified in any way, and we encourage users to disable Allowing SSH & Allowing HTTPS on WANs for tighter security. However, there are some scenarios where it may be necessary to create rule(s) to allow traffic to the NGFW, such as with remote SMTP servers. In these cases, we highly recommend configuring the rules to be as strict as possible, which would include adding a condition such as Source Address which will not allow anything other than the specific network, and specifying only the remote network that needs to access the NGFW via that protocol.