Official recommended Sophos UTM settings Network protection

Security is a very specific topic. Each environment has different needs in terms of security. From my perspective that's the reason why it will be very hard - not to say impossible - to create a blueprint scenario which can be used by anyone... You'll find some best practices about firewall rules for example in Juniper's KB. See https://www.juniper.net/documentation/en_US/junos-space15.2/topics/concept/junos-space-firewall-policy-best-practice.html

Security is a very specific topic. Each environment has different needs in terms of security. From my perspective that's the reason why it will be very hard - not to say impossible - to create a blueprint scenario which can be used by anyone... You'll find some best practices about firewall rules for example in Juniper's KB. See https://www.juniper.net/documentation/en_US/junos-space15.2/topics/concept/junos-space-firewall-policy-best-practice.html

Thank you very much, thats a pice of information, that might help a bit.

I know, that there can not be a set of firewall rules preconfigured for anyone. My focus is on things like (example): When are you using Global ICMP Settings? What are the risks behind and is there a recommendation in "most case scenarios"? In my opinion, there should be told: In most scenarios it is recommended, that you disable Global ICMP Settings and configure manual filter rules that allow specific ICMP protocols as needed.

More focus on the UTM itself with its different configuration possibilities. What about "Protocol Handling" in the "Advanced Tab" for example?

Should I "validate packet length"? What and when are the benefits and what is Sophos' recommendation?

Kind regards,

David

Hi, David, and welcome to the UTM Community!

You can find a list of some guides and best practices with the UTM in my Linkz thread.

Cheers - Bob