Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ASA firewall - general question on outgoing traffic filtering

Posted on 2014-09-03
1
Medium Priority
?
198 Views
Last Modified: 2014-09-30
Hi,

General question here. We have "allow all" for traffic out. I realize this is not best practice however we are
very short staffed. I understand that it should be filtered for just "required" ports - ie 25, 80 DNS etc. I also understand that some applications may break if i perform this restriction - some use non standard or other ports to make connections.

My question: How common is it to "not restrict" outbound traffic? this was first setup like this by a competent Cisco engineer on a PIX firewall, This was 10 years ago though and I understand that risks are now more prevalent
0
Comment
Question by:philb19
1 Comment
 
LVL 2

Accepted Solution

by:
Ben Stirling earned 2000 total points
ID: 40301344
It is sadly very common in small to midsize businesses to see “allow all” for out bound traffic. That does not make it acceptable. My recommendation to you is to review your traffic for a few days. Add out bound rules for the traffic you see, and as you have time review, audit, and update. This is NOT the best or most secure approach, but if your only other option at this time is “allow all”…   then at least you have blocked anything new trying to get out.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question