Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 212
  • Last Modified:

3 Com Super Stack Firewall

We have a 3 com super stack firewall at work

I have a basic knowledge of setting up the firewall which has been completed and working well.

What are good default policies that every firewall should have in place for Blocking certain ports, key words, websites and so on
.

Thanks in adavnce

Mark
0
ellandrd
Asked:
ellandrd
2 Solutions
 
Tim HolmanCommented:
Allow these ports out:

80 (http)
443 (https)
53 (dns)
25 (if you host your own mailserver)
110 (if you use an ISP's POP3 mailserver)

..and NOTHING in, except 25 if you host your own mailserver.

A good start is to allow everything out, but NOTHING in.
0
 
hawgpigCommented:
The 3 com super stack is like all other firewalls...
I will not allow initial connections from the outside world...
but will allow all from the inside to initiate a connection....
unless you plan on tranlsating a web to the outside world the default config will work fine for what you are trying to do.....
The 3com has the capablilty of doing web filtering by keyword....or web site.....
This is great for home use....but I have found it a serious Pain for business use.....I get a lot of calls from clients that can't get to a particular website because of a single swear word.....
So just a word to the wise.....if you decide to use web filtering on the 3com.....be aware you may end up chasing some ghosts once in a while...
Sounds like you have it under control...
Good Luck
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now