Hi all,
Just a small question: what's better? Doing 1 rule including ALL the needed services for ingress egress destination OR doing multiple rules (one per targeted service)?
Thanks,
Regards,
M-
Depending on the number of rules you end up with, I use a combination. One of the benefits for me is to identify which rule is malfunctioning and verify which rule applies to the traffic being logged. I generally lump things together in groups by function. Email - 1 rule for outbound. Web browsing - 1 rule. I create rules for traffic I don't want logged, then log everything else. You will probably not get to the point that you have so many rules that it affects performance.