topic Re: Default Wire Policy Question in General Topics

Default Wire Policy Question

jhickey — Thu, 10 Feb 2011 17:25:28 GMT

We're putting in a 4020 in Wire mode and to start I dont want to block anything. I just want traffic to pass through so I can gather stats. I am assuming my policy will be something like this:

TRUST UNTRUST Any Any Any Accept

UNTRUST TRUST Any Any Any Accept

Look right ?

Thanks,

Justin

Re: Default Wire Policy Question

mderksen — Thu, 10 Feb 2011 18:17:44 GMT

That is correct. You will put the trust and untrust zones in the policies and put any in the other field and allow the traffic. That way you will see all the applications.

If you also want to have visibility on the threats etc you can create a vulnerabilty, antivirus, spyware and URL profile with the action on Alert and add those profiles to the policy rules. That way you can also see what happens on that part.

Marcel