[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] FW-1 Rulebase
Required in all firewalls should be any any any drop long (last rule in rulebase) any any NBT/rip drop nolog (first in rulebase) after any IKE rules, put any <FW1 Gateway Object> any drop long (stealth rule) everything else is dependent on your configuration.... Scott J. Friedman, MCSE CCSE CCNA Security & Cisco Routing Engineer LDMI / Ideal Technology Solutions, U.S. Email : [email protected] Phone :www.itsusnow.com www.ldmi.com >>> [email protected] 03/04/02 01:34PM >>> Hi Everybody, I have just took the ownership of maintaining the rulebase for FW-1. I will be embarking the task in down sizing our rulebase in to a manageble number of rules. I need some guidelines and direction in making my rulebase simple and secure. Based on your experience, what do you think is a must have RULE implemented in FW-1 or any other firewall (i.e lockdown, Drop All and Log, etc...). Any other advice you can give me in maintaining my rulebase and securing my firewall would be greatly appreciated. Thanks, Jonathan --------------------------------------------------------------------------- This e-mail message (including attachments, if any) is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, proprietary , confidential and exempt from disclosure. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender and erase this e-mail message immediately. --------------------------------------------------------------------------- Le présent message électronique (y compris les pièces qui y sont annexées, le cas échéant) s'adresse au destinataire indiqué et peut contenir des renseignements de caractère privé ou confidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire. Si ce message vous a été transmis par erreur, veuillez en informer l'expéditeur et le supprimer immédiatement. --------------------------------------------------------------------------- ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|