cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1680
Views
0
Helpful
3
Replies

Firepower DMZ ACP

NETAD
Level 4
Level 4

Hello, I recently made a deployment and created only Inside--->Outside Access rules with file and intrusion policies. My question is should I also create Outside--->DMZ rules with IPS to prevent inbound attack? 

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

If you don't have any rules allowing Outside-DMZ then you wouldn't need any specific policies.

 

In all cases you should have a default Intrusion Policy (usually "Balanced Security and Connectivity") in the event that no more specific rules are matched.

View solution in original post

3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

If you don't have any rules allowing Outside-DMZ then you wouldn't need any specific policies.

 

In all cases you should have a default Intrusion Policy (usually "Balanced Security and Connectivity") in the event that no more specific rules are matched.

No rules from outside—dmz but There are ACLs allowing inbound to the DMZ which should be processed first.

What i do is create zones for outside and dmz. I then apply the Security Over Connectivity linking source zone of outside to destination zone of dmz. My variables then become $homenet and $external_net = !$homenet. What Marvin said works as well.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: