
Temporary Firewall-Rules via User Portal

Hello everybody,
We want to exchange our Checkpoint-Firewall with a Sophos UTM9 Cluster.
Checkpoint has a web page where users can log in and create "Firewall-Rules" for 30 minutes (for getting updates from Lenovo, for example).

Can this be done via Sophos-UTM9?


  • No, but you can allow users to unblock sites that are blocked by Web Filtering.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • Some users need temporary FTP access - so I need to open ports temporarily.
    Does that mean that with UTM9, users have to call us admins and we have to create the rules manually?
  • Correct.
    But you can create time-based rules, so e.g. allow client X to connect via FTP only on day Y from 8:00 to 10:00.

  • Hi, Chris, and a belated welcome to the User BB!

    I think I might solve this differently, as scorpionking's first post above implied. With Web Protection in a Standard mode, the Proxy handles FTP requests from the browser. If you block all ftp:// yet allow certain, or all, people to bypass blocking, you can have the UTM automatically generate a report of who did what and when.

    There are other workarounds, but that would seem to offer you more oversight and control than CheckPoint.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,
    thank you for your help.
    I think I'll try out your solution - if I can see who did what and when in the logs, it should be fine.

    Thank you

    Greetings 
    Chris