ASA firewall - general question on outgoing traffic filtering
Posted on 2014-09-03
General question here. We have "allow all" for traffic out. I realize this is not best practice; however, we are very short-staffed. I understand that it should be filtered for just "required" ports - i.e. 25, 80, DNS, etc. I also understand that some applications may break if I perform this restriction - some use non-standard or other ports to make connections.
My question: How common is it to "not restrict" outbound traffic? This was first set up like this by a competent Cisco engineer on a PIX firewall. This was 10 years ago, though, and I understand that risks are now more prevalent.