Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1519 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Rule optimization

Abhishek Kumar

Hi

Need assistance with optimization of firewall rule according to precedence. Please refer screenshot for more details. 



This thread was automatically locked due to age.
Parents
  • +1

    Optimization of firewall rule according to precedence?

    This sounds like two different aspects-

    Optimization

    For optimization you firewall rules are really allowing everything, you should determine what protocols or services you want to let through and only allow those to work, for example if you only want web surfing only allow ports 80 & 443, but if you also want ftp, sftp & DNS allow ports 20,21,22 & 53 along with ports 80 & 443.

    Precedence

    From what you are asking this sounds more like a QOS or traffic shaping issue since you are allowing all traffic with the rules in the screen shot.  However only you would know what aspects of your network should take precedence over the others to better prioritize your resources.  A few things to look up-

    https://community.sophos.com/kb/en-us/123062

    https://community.sophos.com/kb/en-us/123061

    Your key search words for this would be XG with QOS (quality of service) & or traffic shaping, I did a quick google and there are many articles and discussions on this.

Reply
  • +1

    Optimization of firewall rule according to precedence?

    This sounds like two different aspects-

    Optimization

    For optimization you firewall rules are really allowing everything, you should determine what protocols or services you want to let through and only allow those to work, for example if you only want web surfing only allow ports 80 & 443, but if you also want ftp, sftp & DNS allow ports 20,21,22 & 53 along with ports 80 & 443.

    Precedence

    From what you are asking this sounds more like a QOS or traffic shaping issue since you are allowing all traffic with the rules in the screen shot.  However only you would know what aspects of your network should take precedence over the others to better prioritize your resources.  A few things to look up-

    https://community.sophos.com/kb/en-us/123062

    https://community.sophos.com/kb/en-us/123061

    Your key search words for this would be XG with QOS (quality of service) & or traffic shaping, I did a quick google and there are many articles and discussions on this.

Children
No Data