Hi
You can achieve this by configuring the two vlan sunbnest in one security policy and call the UTM service in that policy.
For the remaining one subnet you can not call th eutm policy.
set security policies from-zone trust to-zone untrust policy default-permit match source-address [vlan-1-subnet vlan-2 subnet]
set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
set security policies from-zone trust to-zone untrust policy default-permit match application any
set security policies from-zone trust to-zone untrust policy default-permit then permit services utm-policy web-filtering-policy
set security policies from-zone trust to-zone untrust policy default-permit match source-address vlan-3-subnet
set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
set security policies from-zone trust to-zone untrust policy default-permit match application any
set security policies from-zone trust to-zone untrust policy default-permit then permit
Something like above.
Regards,
c_r
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too