09-15-2019 03:49 PM
Hi,
Can someone clear me the below questions regarding Standard contracts and Taboo contracts :
1) As i get tell now that when i create a standard contract filters, i can choose actions at subject for filters (deny or permit)
Based on this i can deny a few type of traffic , then allow the rest (permit any any)
*So why i would need to use Taboo contract?
2) Do i have to apply Taboo contract to two EPGs or just one, and how it work?
Thanks,
Solved! Go to Solution.
09-15-2019 04:26 PM
Hi @Wessam-88 ,
Here is my advice.
Forget Taboo conracts exist, and never use them. Also avoid using deny filters if possible.
Taboo filters don't work "between" EPGs, but are applied to an etire EPG.
So if you wnated to prevent an EPG from ever using cleartext communications, you could apply a taboo contract with filters for port 80 and 23 say.
But don't do that. Do it right the first time.
I hope this helps
Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem
09-15-2019 03:55 PM
Hi @RedNectar , Thanks for help
09-15-2019 04:26 PM
Hi @Wessam-88 ,
Here is my advice.
Forget Taboo conracts exist, and never use them. Also avoid using deny filters if possible.
Taboo filters don't work "between" EPGs, but are applied to an etire EPG.
So if you wnated to prevent an EPG from ever using cleartext communications, you could apply a taboo contract with filters for port 80 and 23 say.
But don't do that. Do it right the first time.
I hope this helps
Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide