topic Where to apply Anti-Spyware Profiles in General Topics

Where to apply Anti-Spyware Profiles

Jason_Martin — Fri, 17 Jun 2016 20:05:10 GMT

I've looked around in various places and can't seem to find a definitive answer on this. In regards to anti-spyware profiles, is there any need to apply these to security policies with a source of the outside Internet zone bound for your inside network (lan or dmz, etc). As I understand it, the purpose is generally to identify and stop "phone-home" type activity and thus it only seems necessary to apply AS profiles to rules that go from inside>outside.

Re: Where to apply Anti-Spyware Profiles

nikoo — Fri, 17 Jun 2016 20:25:24 GMT

Not giving defenitive answer and generally inside hosts are making the trouble, yes. Although you can still get a match for a spyware for a traffic coming from outside to inside. So generally if I have enough free resources on the firewall, I add such a protections for both directions - I see nothing wrong with having that security layer for my servers, etc. It may be required to make custom policy, tune something and so on.