12-24-2017 11:02 AM - edited 02-21-2020 07:01 AM
Hello, I recently made a deployment and created only Inside--->Outside Access rules with file and intrusion policies. My question is should I also create Outside--->DMZ rules with IPS to prevent inbound attack?
Solved! Go to Solution.
12-24-2017 06:00 PM
If you don't have any rules allowing Outside-DMZ then you wouldn't need any specific policies.
In all cases you should have a default Intrusion Policy (usually "Balanced Security and Connectivity") in the event that no more specific rules are matched.
12-24-2017 06:00 PM
If you don't have any rules allowing Outside-DMZ then you wouldn't need any specific policies.
In all cases you should have a default Intrusion Policy (usually "Balanced Security and Connectivity") in the event that no more specific rules are matched.
12-24-2017 08:49 PM
No rules from outside—dmz but There are ACLs allowing inbound to the DMZ which should be processed first.
11-02-2018 10:30 AM - edited 11-02-2018 10:31 AM
What i do is create zones for outside and dmz. I then apply the Security Over Connectivity linking source zone of outside to destination zone of dmz. My variables then become $homenet and $external_net = !$homenet. What Marvin said works as well.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: