Hi,
I've just reinstalled one home utm and started configuring from the very beginning. All to get more knowledge before working on the bought ones.
Now I noticed some behaviour I cannot explain so hopefully one member could explain to me:
At default (no configuration but internet connection / dhcp lan done):
Nothing is working -> ok
If I allow games in application control (e.g. battle.net) it is still not connecting. No entry in ac-logfile. Only blocked packages in firewall log.
Shouldn't there be some entrys in ac-log? Why aren't?
Step further: Would it make sense (in aspect of security AND performance) to create a deny-all-applications-rule and add allow-rules per client/group/network in higher priority?
Other question about WebControl:
is it possible to deny all and allow only few sites for specific clients/groups?
And last not least firewall:
which is the best practice to enhence performance and make configuration easier?
My consumptions:
firewall: start with least restrictive (less destinations, less protocols, less sources) at higher priority.
Is that right? (Found a knowledge base article about that but cannot find it again).
and what about the order of those 3 components? I found some usefull threads (e.g. rulz) and somewhere there was an image of how they work together. I'd be glad if s/o could explain again:
in which order are packages processed? (e.g. fw -> ac -> wc ??)
Thanks a lot in advance
LoD
This thread was automatically locked due to age.
