Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall

Discussions protect internal webserver

Sophos Firewall requires membership for participation - click to join

Thread Info

State Suggested Answer
Locked Locked
Replies 3 replies
Answers 1 answer
Subscribers 39 subscribers
Views 1533 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

protect internal webserver

chanklish over 1 year ago

hello

i have 2 different webservers running in my internal network

how should i protect them in my sophos from external attacks ?

thank you

This thread was automatically locked due to age.

Top Replies

Erick Jan over 1 year ago in reply to chanklish +1

Hi TarekHalloun, I would advise you to create two separate rules for each server. You can create two different Firewall rules to allow only the specific ports needed for each server to be accessed from…

0 Erick Jan over 1 year ago in reply to chanklish

Hi TarekHalloun,

I would advise you to create two separate rules for each server. You can create two different Firewall rules to allow only the specific ports needed for each server to be accessed from the internet and also restrict other traffic.

The link applies to Sophos Firewall.

Erick Jan
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up +1 Vote Down

Cancel
0 chanklish over 1 year ago in reply to emmosophos

each server has a different port (not running on 80 or 443)

should i create 2 distinct protection rules?

does your link apply to xg ??
Cancel
Vote Up 0 Vote Down

Cancel
0 emmosophos over 1 year ago

Hello there,

Thank you for contacting the Sophos Community.

If they’re accessible from the WAN, you might want to configure WAF in your Sophos Firewall.

If they aren’t meant to be accessible from the WAN, then ensure you don't have a misconfigured DNAT rule allowing access to your servers.

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel