
Firewall Rule optimization

Hi

Need assistance with optimization of firewall rules according to precedence. Please refer to the screenshot for more details.



  • Hi,

    you need to expand on your security requirements because those rules are very lax. What is the difference between WLAN and WIFI?

    Ian

  • Hi rfcat_vk

    The WLAN zone is for another interface via which I have set up DHCP to provide access to the Sophos AP. The AP network is set up as the WIFI zone.

  • Optimization of firewall rule according to precedence?

    This sounds like two different aspects-

    Optimization

    For optimization, your firewall rules are really allowing everything. You should determine what protocols or services you want to let through and only allow those to work. For example, if you only want web surfing, only allow ports 80 & 443, but if you also want FTP, SFTP & DNS, allow ports 20, 21, 22 & 53 along with ports 80 & 443.

    Precedence

    From what you are asking, this sounds more like a QoS or traffic shaping issue, since you are allowing all traffic with the rules in the screenshot. However, only you would know what aspects of your network should take precedence over the others to better prioritize your resources. A few things to look up:

    https://community.sophos.com/kb/en-us/123062

    https://community.sophos.com/kb/en-us/123061

    Your key search words for this would be XG with QoS (quality of service) and/or traffic shaping. I did a quick Google search, and there are many articles and discussions on this.
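An added example, not part of the original thread: a small audit that flags allow-everything rules and rules that can never match because an earlier, broader rule already covers them. The rule format, rule names and the LAN/WAN zones are constructed, and it assumes the firewall evaluates allow rules top-down with the first match winning.

```python
# Constructed sample data: the rule format and names are hypothetical and do
# not come from the thread's screenshot or from any Sophos export format.
# Assumption: all rules are "allow" rules, evaluated top-down, first match wins.
ANY = "*"

RULES = [
    {"name": "WIFI_to_WAN_any", "src": "WIFI", "dst": "WAN", "ports": ANY},
    {"name": "WIFI_to_WAN_web", "src": "WIFI", "dst": "WAN", "ports": {80, 443}},
    {"name": "WLAN_to_WAN_web_dns", "src": "WLAN", "dst": "WAN", "ports": {53, 80, 443}},
    {"name": "LAN_to_WAN_files", "src": "LAN", "dst": "WAN", "ports": {20, 21, 22}},
]


def zone_covers(a, b):
    """True if zone field a matches every zone that field b matches."""
    return a == ANY or a == b


def ports_cover(a, b):
    """True if port field a matches every port that field b matches."""
    return a == ANY or (b != ANY and b <= a)


def shadows(earlier, later):
    """True if every packet matching `later` is already matched by `earlier`."""
    return (zone_covers(earlier["src"], later["src"])
            and zone_covers(earlier["dst"], later["dst"])
            and ports_cover(earlier["ports"], later["ports"]))


def audit(rules):
    """Return (rule name, finding) pairs in rule order.

    Only full shadowing by a single earlier rule is detected; a rule covered
    by the union of several earlier rules is not reported.
    """
    findings = []
    for i, rule in enumerate(rules):
        if rule["ports"] == ANY:
            findings.append((rule["name"], "allows every service"))
        for earlier in rules[:i]:
            if shadows(earlier, rule):
                findings.append(
                    (rule["name"], f"never matches: shadowed by {earlier['name']}"))
                break
    return findings


if __name__ == "__main__":
    for name, finding in audit(RULES):
        print(f"{name}: {finding}")
```

In the sample set, the narrow web-only rule for WIFI has no effect until the allow-everything rule above it is removed or moved below it.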