Allow only certain traffic to exit Windows in a XG environment

Running a Windows Server farm on VMware in an XG environment. We want only certain allowed traffic from the Windows Servers to exit the network.

(E.g. on a Windows 2019 SQL server, block all outgoing connections to office.com, SharePoint, www, and allow only port 1433 connections in the LAN, something like this.) We have created a full list of all outgoing traffic from the servers and need to allow only certain services to communicate outside. We also run Sophos Central Intercept X Advanced on all workstations and servers. Can you suggest best practices and how this can be achieved? Many thanks.



  • Hello there,

    Thank you for contacting the Sophos Community.

    I would recommend the following:

    1. Set a static IP for the Server

    2. Create a "Clientless users"  entry for the server

    3. Create a Firewall Rule with Match Known users and select the Clientless user you just created

    4. Configure the Firewall Rule using the Destination networks: add the IPs/FQDNs you want to allow

    5. Remove "Any" from the Services, and only set the allowed outbound ports, usually only 443/80 and 53 (if the Firewall isn't the DNS resolver)

    6. Source Network and Device, enter the IP of the Server

    If you have Intercept X, then enable Sync Sec in the Firewall Rule

    This would be my recommendation, but I would suggest you check with your Sales Engineer if you’re looking for best practices.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
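As an added example, not part of the original post or of any Sophos tooling: the same egress allow-list applied on the Windows Server itself with the built-in Windows Defender Firewall cmdlets, as a second layer behind the XG rule described above (so a process that evades the perimeter rule, or a server whose IP changes, still cannot reach out). The resolver, domain-controller and HTTPS addresses are placeholders I have assumed; the Sophos Central agent's endpoints and the rest of the traffic inventory mentioned in the question must be added as further allow rules before the default is switched to Block, otherwise domain authentication and the endpoint agent lose connectivity. Unlike the XG rule, these host rules accept only IP addresses, ranges and keywords such as LocalSubnet, not FQDNs.

```powershell
# Added example (not from the original post or from Sophos): host-level egress
# allow-list on the Windows Server, mirroring the XG rule (only 1433 to the LAN,
# only 443 and 53 to named destinations). Run in an elevated console session.
#Requires -RunAsAdministrator

# --- Assumed values (placeholders, not from the page) -------------------------
$DnsResolver       = '10.0.0.53'                       # internal resolver, or the XG if it resolves DNS
$DomainControllers = @('10.0.0.10', '10.0.0.11')       # DCs need Kerberos/LDAP/SMB/RPC; allow all ports to them
$AllowedHttps      = @('203.0.113.10', '203.0.113.11') # vetted 443 endpoints from your traffic inventory
$SqlPeers          = 'LocalSubnet'                     # built-in keyword: hosts on the server's own subnet
$RuleGroup         = 'Egress allow-list (managed)'     # lets us find and replace our rules as a unit
$LogFile           = '%SystemRoot%\System32\LogFiles\Firewall\pfirewall.log'

# 1. Remove any previous copy of our managed rules so the script is idempotent.
Get-NetFirewallRule -Group $RuleGroup -ErrorAction SilentlyContinue | Remove-NetFirewallRule

# 2. Explicit allows. No -Profile is given, so each rule applies to Domain, Private
#    and Public; a NIC that is briefly classified Public cannot bypass the list.
#    Windows Firewall is stateful, so replies to already-permitted inbound sessions
#    (RDP, WinRM, SQL clients) are unaffected by the outbound default set in step 4.
New-NetFirewallRule -DisplayName 'Egress: DNS to resolver (UDP)' -Group $RuleGroup `
    -Direction Outbound -Action Allow -Protocol UDP -RemotePort 53 -RemoteAddress $DnsResolver
New-NetFirewallRule -DisplayName 'Egress: DNS to resolver (TCP)' -Group $RuleGroup `
    -Direction Outbound -Action Allow -Protocol TCP -RemotePort 53 -RemoteAddress $DnsResolver
New-NetFirewallRule -DisplayName 'Egress: domain controllers' -Group $RuleGroup `
    -Direction Outbound -Action Allow -Protocol Any -RemoteAddress $DomainControllers
New-NetFirewallRule -DisplayName 'Egress: SQL 1433 to LAN' -Group $RuleGroup `
    -Direction Outbound -Action Allow -Protocol TCP -RemotePort 1433 -RemoteAddress $SqlPeers
New-NetFirewallRule -DisplayName 'Egress: HTTPS to allow-listed hosts' -Group $RuleGroup `
    -Direction Outbound -Action Allow -Protocol TCP -RemotePort 443 -RemoteAddress $AllowedHttps
# Add one rule per remaining entry of your outgoing-traffic inventory here
# (Sophos Central agent, NTP, WSUS/update source, backup target, ...).

# 3. Log dropped packets BEFORE flipping the default, so the first hours in Block
#    mode show exactly which flows the allow-list missed.
Set-NetFirewallProfile -Profile Domain,Private,Public -LogBlocked True `
    -LogFileName $LogFile -LogMaxSizeKilobytes 32767

# 4. Default-deny outbound on every profile. Do this last.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultOutboundAction Block

# 5. Verify: the profile defaults, a destination that must now fail, one that must
#    still work, and the most recent outbound drops from the log.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultOutboundAction
(Test-NetConnection -ComputerName 'www.office.com' -Port 443).TcpTestSucceeded   # expect False
(Test-NetConnection -ComputerName $DomainControllers[0] -Port 389).TcpTestSucceeded  # expect True
$resolvedLog = [Environment]::ExpandEnvironmentVariables($LogFile)
if (Test-Path $resolvedLog) {
    # Log fields: date time action protocol src-ip dst-ip src-port dst-port ... path
    Get-Content $resolvedLog -Tail 200 | Where-Object { $_ -match '^\S+ \S+ DROP .* SEND$' } |
        Select-Object -Last 20
}
```

Leave the rule set in audit mode (steps 1 to 3 only, with LogBlocked on but the default still Allow) for a day on one server and diff the log's SEND drops against the traffic inventory; only then apply step 4, and roll it out through Group Policy rather than per host once the list is stable.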