GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.
A local firewall protects the system from exposing unnecessary or undocumented network services to the local enclave. If a system within the enclave is compromised, firewall protection on an individual system continues to protect it from attack.
Edit /etc/ipf/ipf.conf and add a default deny rule. Restart the ipfilter service. # svcadm restart network/ipfilter