11-27-2018 07:51 PM - edited 03-12-2019 07:07 AM
where do firepower service policy apply is better? and a list of question about firepower?
outside only?
inside only?
or
both outside and inside ?
i find that firepower access policy can not choose which interface it apply
where to set this?
if no this setting, when apply to both side, in outside case, from private network of outside in source address can access inside.
moreover,
should default action to deny all at both side is the best ?
why there are choice of security over connectivity and connectivity over security at default action? which situations use these?
another question is
when i set monitor in access rules in firepower, does it mean allow or deny ? where is the monitor result? what action will be done in monitor instead of allow or deny?
another more question is
which should i set IPS policy is better and in best practice in home and web site case?
security over connectivity at inside ? or security over connectivity at outside? or deny all at outside?
connectivity over security at inside ? or connectivity over security at outside? or connectivity over security at outside?
another one more question is
when to use maximum detection? which case to use? what action will be done when use maximum detection? will it stop malicious traffic flow?
bonus question is
if i want to set allow country in firewall just for counting, is there any log or command to count traffic by country?
another bonus question is
which application level choice is to select all applications?
11-28-2018 01:44 AM
Hi,
HTH
Abheesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide