Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 12742 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What is advanced firewall option "strict-policy"?

jamesharper

I am trying to resolve or mitigate an issue with my XG (see "Strange drops"), and am now looking for things I can turn off to try and get a stable network.

What is the "strict-policy" option, and what am I going to break or lose if I turn it off?

The only information I have found is here https://www.sophos.com/en-us/medialibrary/PDFs/documentation/SophosFirewall/v165/SF-OS-Command-Reference-Guide.pdf?la=en but all that tells me is that "When strict policy is off, strict firewall policy is disabled.".

 

thanks

James



This thread was automatically locked due to age.
  • +1

    James,

    some details about the strict policy:

    "When strict policy is applied, the device drops specific traffic and attacks such as the Winnuke attack, Land attack, Zero IP Protocol, and various other IP based attacks against the firewall.

    By default, strict policy is always on. To turn the strict policy on or off, in the console usethecommand:set advanced-firewall strict-policy on/off"

     

  • 0 in reply to lferrara

    Thanks. With that information I was confident I could turn it off as a test. Turning it off didn't fix my original problem but at least I know what it does now!