This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS with 2 Public Interfaces

Quick question, and this might seem kinda stupid.

I have 2 Interfaces with Public Addresses (External, DMZ) and behind the DMZ is a couple of Servers with Public IPs.

I have created the following firewall rules:

Allow: Internal -> Any
Allow: DMZ -> External
Allow: External -> DMZ (HTTP, HTTPS, etc)

When I am setting up IPS, is there any advantage changing the protected Interface to ANY since webmin and user portal are available on the External Network? I understand this is redundant for Interfaces with Private IPs, but is it for External Interfaces with Public IPs?

My current IPS protected Interfaces are:
DMZ
Internal

Any help would be greatly appreciated.

Thanks,
Kyle

This thread was automatically locked due to age.

Parents

0 BAlfson over 11 years ago

As Barry says, NEVER put any non-local subnet into 'Local networks' in IPS.

Cheers - Bob

Sorry for any short responses. Posted from my iPhone.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 11 years ago

As Barry says, NEVER put any non-local subnet into 'Local networks' in IPS.

Cheers - Bob

Sorry for any short responses. Posted from my iPhone.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data