in addition to:
#
|
Name
|
Source
|
Destination
|
What
|
ID
|
Action
|
Feature and service
|
---|
Put NAT name in the column. Thanks
in addition to:
#
|
Name
|
Source
|
Destination
|
What
|
ID
|
Action
|
Feature and service
|
---|
Put NAT name in the column. Thanks
I am not sure, if this is even helpful in the long run.
Simply because i(personally speaking) assume, most people will use a MASQ rule for everything.
And this will lead to no matching linked NAT Rules anymore.
Let me put more time into my conclusion:
As my post about the SNAT Rule (NAT Migration) explains, XG uses somehow the same mechanism like UTM.
So you could say, the MASQ / NAT Rule tab is back. And like on UTM, it is not possible to point out, Firewall Rule X / Y / Z are using NAT (MASQ) Rule A or B or C.
The question is, will most user use the Linked NAT Rules or the MASQ SNAT Rule.
I guess, Sophos needs more insight of the handling of such deployments, how the administrator will interact with XG Firewall & NAT.
And thats one of the main reasons of a EAP. To see, how people are using the XG.
Currently i have cleaned up all my XGs (no matter which size 125-450). Simply to have a better rule set.
Maybe nobody will follow this approach, than your suggestion will be good!
Maybe most people will follow my approach and in the long run (after V18) Linked NAT rule is not be used anymore. I dont know.
__________________________________________________________________________________________________________________
A carefully structured ruleset always helps with these situations.
As Steve says, it is visible from the pop out and will be used similarly to when observing which IPS, Web and App policies in use.
Emile
A carefully structured ruleset always helps with these situations.
As Steve says, it is visible from the pop out and will be used similarly to when observing which IPS, Web and App policies in use.
Emile