![]() You can set the matching conditions of a security policy to an application type or application label, for example, the enterprise application label so that applications can be identified. It is complicated to analyze network traffic and identify authorized applications. It can implement refined management and control. You are advised to specify users who can access the service.Īpplication identification is a key capability of firewalls. If all services or ports are open, attackers may use dictionary attacks to perform brute force cracking.įor non-public services, the source IP address range must be specified for accessing key information assets such as database servers and sensitive services such as SSH and Remote Desktop Protocol (RDP). The destination IP address must be specified as the IP address of the server or server group that is open to external systems, and the service or port must be specified. If an organization needs to open some services (for example, web services) to the Internet, the source IP address can be set to Any in the security policy. ![]() Specify matching conditions as many as possible, including users and applications.Specify source and destination IP addresses and services.You are advised to set accurate matching conditions, which involves the following aspects: ![]() On this basis, security policies are configured to permit authorized traffic only to minimize the attack surface.įirst, exercise caution when using any as the matching condition in a security policy that permits authorized traffic. This is the basis for implementing the principle of least privilege on the firewall. By default, a firewall denies all interzone traffic, and all traffic that is not explicitly permitted is denied.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |