topic Management Profile and Security rules in General Topics

Management Profile and Security rules

Rokkam — Wed, 25 Jan 2017 21:31:37 GMT

Hi There,

I got a question, on non-mgmt interface firewall, I configured a management profile to access SSH and HTTPS do I need to allow the security policy explictly to access firewall ?

Re: Management Profile and Security rules

TranceforLife — Thu, 26 Jan 2017 10:37:57 GMT

Hi,

Hmm.. With intrazone-default policy same zone traffic is permitted with any any. Try without the MGMT profile first if not then attach to the interface and try again.

Thx,

Myky

Re: Management Profile and Security rules

reaper — Fri, 27 Jan 2017 11:01:43 GMT

unless a higher-up policy blocks intra-zone connections, this connection will be allowed by default (inside the same zone as to which the management profile is bound), but for accountability you will want to create a rule specifically for this access so any unauthorized access attempts are logged explicitly and even security profiles can be applied to protect your management from brute force or other attacks