I know very little about watchguards (or really most complex firewalls). I have 2 watchguards in location A and location B. looking at the policies on the main office's watchguard, I have 16 rules. wonder which are needed?
This is an XTM21 (old unit, right?)
it takes a few seconds to go from screen to screen / get the list of firewall policies, etc. 'retrieving data' on screen for 9 seconds... there's 16 policies in the list. Is that a long time for pages to load?
a) do you just replace watchguards after x years because they are old?
b) do you reboot them on a schedule? How often? every week? month? year?
This watchguard is set up for:Exchange on the SBS server on the LAN, General surfing from inside the office, VPN to the other location and phones being able to connect to the exchange server from outside.
How many rules should those take?
Looking at the policies, I think this is what are set up. I inherited this network so may be unneeded / defaults that came with the box?
FTP OUTboundSMTP (192.168.2.3 to Any external)
GeneralProxy (From HTTP-proxy to ANY Trusted)
SMTPtoMailSrv (From ANY to 75.127.x.x->192.168.2.3)
HTTPtoMAILSrv (From ANY to 75.127.x.x->192.168.2.3)
POP3toMailsrv (From ANY to 75.127.x.x->192.168.2.3)
IMAPtoMailsrv (From ANY to 75.127.x.x->192.168.2.3)
HTTPStoMailsrv (From ANY to 75.127.x.x->192.168.2.3)
RDPtoMAILsrv (From ANY to 75.127.x.x->192.168.2.3)
Voicecom mail system (From ANY to 75.127.x.x->192.168.2.3)
Watchguard web UI (from ANY to Firebox tcp:8080)
Ping (From ANY to ANY)
Watchguard (From ANY to Firebox tcp 4105, 4117, 4117)
Outgoing (from any trusted, any optional TO any external, ports 0 on TCP & UDP)
VPN Alllow in (from LocA to any)
VPN Allow Out (from ANY to LocA)
That mailserver IP 75.127.x.x... i don't recognize that. They've been using SBS 2011 / the exchange in that box which is in the LAN (192.168.2.3) for 5+ years.