Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1145
Views
0
Helpful
1
Replies

Direct Internet Access with Zone Based Firewall Rules

Go to solution
John Telford
Level 1
Level 1

‎10-21-2019 06:27 PM

Hi,

I'm on the Security team and was provided the below devices for security evaluation by our network group.

Question for the Zone Based Firewall (ZBFW) on this hardware:

How do you create ZBFW Rules for Direct Internet Access (DIA) in vManage?

These rules could be Inspect or Drop.

 

Is it even possible?

 

I have used the Traffic Data Rule Policy settings to test DIA (VPN.0)  but the preference is to use ZBFW only and not have to use a hybrid of ZBFW rules that perform proper statefull firewall flows and Traffic Rules that require manual 2 way setup.

 

Unit 1:

Model: C1111X-8P

Version: 16.10.2

Connectivity: biz-internet (DHCP)

Unit 2:

Model: ISR4331

Version: 16.10.2

Connectivity: biz-internet Static

 

Thanks,

John

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
John Telford
Level 1
Level 1

‎02-24-2020 11:47 AM

Solved
had to complete configuration for DIA,

View solution in original post

0 Helpful
1 Reply 1

Go to solution
John Telford
Level 1
Level 1

‎02-24-2020 11:47 AM

Solved
had to complete configuration for DIA,
0 Helpful
Customers Also Viewed These Support Documents