Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall default IPS policies

I found https://community.sophos.com/sophos-xg-firewall/f/discussions/110856/default-ips-policies/397166?focus=true, didn't help.

Sophos pre-packages some IPS policies by default. Without having to go through each of them with a fine toothed comb, is there a reference document somewhere?

For example, what would one use generalpolicy for?

Or difference between lantowan_strict, vs. lantowan_general vs. LAN TO WAN.  Why have 3?

What's the difference between the lower case ones and the upper case ones? 

Why have a dmzpolicy and then have the uppercase LAN TO DMZ, WAN TO DMZ, DMZ TO LAN?

Thank you



This thread was automatically locked due to age.
Parents
  • Generally speaking, the default ones are not changeable. They are maintained by Sophos and are the same on every system. Most MSPs are using them, to have the same experience on every system. 

    The other ones are adjustable and can be modified. For example you can add a smart filter to it, or include / exclude a particular IPS rule. 

    General Policy basically is the "ALL" Policy rule. 

    LAN to WAN strict vs general is one more strict compared to the other. 

    Essentially you can use your MSP style, as you like or drill down it more to your liking. 

    __________________________________________________________________________________________________________________

Reply
  • Generally speaking, the default ones are not changeable. They are maintained by Sophos and are the same on every system. Most MSPs are using them, to have the same experience on every system. 

    The other ones are adjustable and can be modified. For example you can add a smart filter to it, or include / exclude a particular IPS rule. 

    General Policy basically is the "ALL" Policy rule. 

    LAN to WAN strict vs general is one more strict compared to the other. 

    Essentially you can use your MSP style, as you like or drill down it more to your liking. 

    __________________________________________________________________________________________________________________

Children
  • Thank you for responding  . This does not answer my question though. I guess I just have to comb through them to see what the differences are since it's not documented. When I have "free" time.  

    Sophos Firewall Engineer 16.0-20.0
    Sophos Firewall Architect 18.0-20.0
    Sophos Firewall Technician 18.0-20.0
    Sophos Central & Endpoint Architect 3.0-4.0
    Sophos Central Email v2.0
    Sophos Mobile v9.6
    Sophos ZTNA 1.0, 2.0
    Synchronized Security Accredited
    Sophos Gold Partner