First time using Sophos (came from a Watchguard background) and I've been trying to set up the Sophos to mimic our existing rules on the WG and have a question (possibly, a dumb one).
In the WG, there was an alias called "Any-External" which I could use as follows. Let's say I wanted to allow HTTP traffic from our LAN ("trusted" in WG) to the internet, but NOT to the DMZ ("optional" in WG)
I could set up a single rule in WG to do this. From would be allow Any-Trusted, Policy Type would be HTTP, and To would be Any-External. Nothing else would need to be defined to not allow LAN to talk to DMZ.
I don't seem to see how to do this (as easily) in Sophos, but maybe I am missing something. I ended up doing the following:
Rule 1: Deny any from LAN to DMZ
Rule 2: Allow HTTP from LAN to Any IPv4
which obviously isn't complicated to do, but I just want to make sure I'm not overlooking a better way to do things.
Thanks!
Jared
This thread was automatically locked due to age.
