Firewall default IPS policies

I found https://community.sophos.com/sophos-xg-firewall/f/discussions/110856/default-ips-policies/397166?focus=true, didn't help.

Sophos pre-packages some IPS policies by default. Without having to go through each of them with a fine-toothed comb, is there a reference document somewhere?

For example, what would one use generalpolicy for?

Or the difference between lantowan_strict vs. lantowan_general vs. LAN TO WAN. Why have 3?

What's the difference between the lower case ones and the upper case ones? 

Why have a dmzpolicy and then have the uppercase LAN TO DMZ, WAN TO DMZ, DMZ TO LAN?

Thank you



Added TAGs
[edited by: Raphael Alganes at 11:24 PM (GMT -7) on 18 Aug 2024]
Parents
  • Generally speaking, the default ones are not changeable. They are maintained by Sophos and are the same on every system. Most MSPs are using them, to have the same experience on every system. 

    The other ones are adjustable and can be modified. For example you can add a smart filter to it, or include / exclude a particular IPS rule. 

    General Policy basically is the "ALL" Policy rule. 

    LAN to WAN strict vs general is one more strict compared to the other. 

    Essentially, you can use your MSP style as you like, or drill down into it more to your liking.

    __________________________________________________________________________________________________________________

Children
  • Thank you for responding. This does not answer my question though. I guess I just have to comb through them to see what the differences are since it's not documented. When I have "free" time.

    Sophos Firewall Engineer 16.0, 16.5, 17.0, 17.1, 17.5, 18.0, 18.5, 19.0, 19.5, 20.0
    Sophos Firewall Architect 18.0, 18.5, 19.0, 19.5, 20.0
    Sophos Firewall Technician 18.0, 18.5, 19.0, 19.5, 20.0
    Sophos Central & Endpoint Architect 3.0, 4.0
    Sophos Central Email v2.0
    Sophos Mobile v9.6
    Sophos ZTNA 1.0, 2.0
    Synchronized Security Accredited
    Sophos Gold Partner