Background:
Users familiar with the on-premises setup for firewall security policies are confused by settings in cloud mode.
The last rule displayed in the security policy is an implicit ALLOW ALL that actually refers to traffic “from LAN to Internet”.
This leads users to wonder why the default rule allows all traffic from the Internet to access the LAN subnets.
Firewall > Configure > Security policy
Solution:
Add more transparency to the security policy list.
Also, improve the description of the implicit rules to indicate which zones these rules apply to.
Firewall > Configure > Security policy
How to Use:
Any time a new LAN/VLAN is created on the Interface settings page, a new implicit Allow rule is added. Special implicit rules are also displayed when the Guest Interface is enabled.
Firewall > Configure > Interface
Firewall > Configure > Security policy