09-07-2021 05:57 AM
I have a concern where is there any way to block malicious domain based or malicious ip based traffic ingress through the firewall to trust zone or dmz zone from untrust zone to be blocked at interface level even before it reaches to pbf or policy or processing over firewall.
Is there any way to block malicious domain before it is being processed. Let me know the possibilities.
09-07-2021 10:35 AM
If you don't want this traffic to be processed by the firewall, you would need to drop it before it reaches your firewall. If you have that requirement then that traffic should be dropped immediately by your first controlled network resource, so in most cases a router.
09-07-2021 08:35 PM
So firewall cannot drop a packet at isp interface level am i right?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!