Hello,
I would like to know how you guys order and design the FMC Access Control Rules?
Sadly the FMC is not really optimized for a lot of rules, compared to the ASDM or FortiNet etc. It's really painful in my opinion.
Currently I've gone with ...
Yeah, I also prefer 1 in most situations, as an example on datacenter firewalls with 100s of interfaces etc.
Old School ASA design is still the most favorable, I've also tried to use the new zone feature and created rules which hold multiple source...
Thanks for your input!
So you would go with design 1? Or do you have other preferences? I'm always looking for newer and better solutions, also cherry picking some features or design parts ;)
Kind regards
Lukas
Thank you very much. We will try to block BruteForce attacks with FirePower then.
So the rejection feature is only available to stop misconfigured clients right?
Kind regards
Lukas