Before I jump in and create a big mess, I wanted to ask the Community if there are some best practices for using an MX's L3 firewall rules (of which I have many) in conjunction with some Group Policy Layer 3 Rules.
For the most part, I can keep them separated and clean by using the Group Policies how they were intended: to target specific types of users (Guests) and devices. However, I would like to start using the API to programmatically update IP Blacklists for all users and devices. From my reading, this seems to be easiest via a Group Policy L3 Firewall API call. Please let me know if I am missing something or reading this wrong.
I have a vision of my future where I am trying to troubleshoot blocked traffic and I am bouncing between the "Network" L3 rules and GP rules and getting wires crossed (figuratively of course).
I understand this is a broad question, just looking for $.02 from your experience or ideas to keep the thinking clean.