
Can't block firewall itself

Hi,

I am testing the UTM 9 Home Edition version.
I have a problem: I created an any-to-any block rule, and the firewall is still going to the Internet. After I had blocked any to any, I can do traces and DNS lookups from Support > Tools.
How can I prevent the UTM (firewall) from going to the Internet?
Like in Kerio and Check Point, there is a "firewall" instead of WAN and LAN networks, and I can prevent the firewall from going to the Internet or block some ports just for the "firewall".
I put the Sophos behind another firewall, and I see that after I have created the any-to-any block rule, the UTM is still going to the Internet, and I can access WebAdmin from the WAN.

Sophos UTM (as a firewall) is always going to the Internet. I can prevent hosts in the LAN, but I can't block the firewall itself from going to the Internet.

Does someone know how I can prevent the firewall from going to the Internet? And how can I see the states that are opened (states of the firewall itself)?

I don't want Sophos UTM automatically sending notifications to some SMTP service at deadmail.fw-notify.net.

How can I control what is going on :)?


Thanks



  • Why would you want to block the firewall itself to internet? By this the firewall is able to download pattern-updates and keep itself up-to-date. If you don't trust the firewall then you shouldn't use it at all.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • The question is not "trust or don't trust"... How can I control all traffic from the firewall itself? When I create an any-to-any block rule on all interfaces, ALL TRAFFIC should be blocked! Also the firewall itself. I decide which traffic is allowed. So what I see is that the firewall is still going to the Internet. Why don't I see any loopback traffic on the WAN lag? I can see it just in the shell (iptables print); I don't see any logs in the Sophos logs for loopback traffic. So I removed the loopback interface and changed some other rules (from the command prompt), but this is not the way. I think there should be a "firewall" object/host built into UTM, and after installation it should be blocked.
