Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 3267 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG: How to control Linux servers to only access (centos) update mirrors ?

TwanHermans

Hi guys,

We would like to block any outgoing internet traffic from our linux farm except the linux/centos update mirrors.

What kind of FW rule should be a good solution for this ? We tried one using FQDN hosts, but the linux servers seems to go to many different domains.

 

Best regards,

Twan



This thread was automatically locked due to age.
  • 0

    Hi Twan,

    Look for a particular set of IP addresses or URLs associated with the Linux/CentOS updates and create an exception policy. You can then have a Firewall rule and add IP addresses of the Linux servers in the Source Hosts section and set the default action to drop. 

    Thanks,