
Official recommended Sophos UTM settings Network protection

Hi Sophos Community!

 

I am writing my bachelor about IT Security, firewall and Sophos UTM in particular.

At the moment I am looking for something like "best practices" or a recommended configuration in the section "Network protection". I didn't find much browsing the knowledge base, and I didn't find any official documents regarding this topic.

Does anything like it exist?

Part of my work will indeed be something like a "configuration blueprint" and I want to compare our solution with (if possible) official recommendations.

 

Kind regards,

David



This thread was automatically locked due to age.
  • Security is a very specific topic. Each environment has different needs in terms of security. From my perspective that's the reason why it will be very hard - not to say impossible - to create a blueprint scenario which can be used by anyone... You'll find some best practices about firewall rules for example in Juniper's KB. See https://www.juniper.net/documentation/en_US/junos-space15.2/topics/concept/junos-space-firewall-policy-best-practice.html

  • Thank you very much, that's a piece of information that might help a bit.

    I know that there cannot be a set of firewall rules preconfigured for anyone. My focus is on things like (example): When are you using Global ICMP Settings? What are the risks behind them, and is there a recommendation for "most case scenarios"? In my opinion, it should be stated: In most scenarios it is recommended that you disable Global ICMP Settings and configure manual filter rules that allow specific ICMP protocols as needed.

    More focus on the UTM itself with its different configuration possibilities. What about "Protocol Handling" in the "Advanced Tab" for example?

    Should I "validate packet length"? What and when are the benefits and what is Sophos' recommendation?

     

    Kind regards,

    David
