
Stealth _ All ports report as open - intel server XG firewall

Hi 

I'm an old Check Point guy evaluating the Sophos XG firewall for the company we are working with. I've been stuck with an ISA firewall for 4 years at this new company and cringed at my boss saying we have secure systems...

We have an Intel server on which we have installed SW-SFOS_15.01.0_MR-3-447.iso, connected to a satellite connection.

The first thing I tried after setting up was a GRC.COM port scan to see what the defaults were, and it would seem all ports are open. I've also used Zenmap, which reports the same thing.

I've created firewall rules like

any any reject

any to Wan reject

Along with allow DNS and HTTP/HTTPS

IPS no Explicit

I've tried all sorts of settings, but all port scans and intrusion detection don't seem to be working. I'm sure it's a configuration problem...

1. How to get all ports stealthed and not responding to GRC or port scans?

2. When a network rule is set to any source, any destination, accept, IPS is applied; as soon as I add a port like HTTP/HTTPS, IPS stops working.

3. Is there a list of must-have rules I could work with and test, or a checklist to run through?

Your advice would be appreciated.


