02-10-2011 09:25 AM
We're putting in a 4020 in Wire mode and to start I dont want to block anything. I just want traffic to pass through so I can gather stats. I am assuming my policy will be something like this:
TRUST UNTRUST Any Any Any Accept
UNTRUST TRUST Any Any Any Accept
Look right ?
Thanks,
Justin
02-10-2011 10:17 AM
That is correct. You will put the trust and untrust zones in the policies and put any in the other field and allow the traffic. That way you will see all the applications.
If you also want to have visibility on the threats etc you can create a vulnerabilty, antivirus, spyware and URL profile with the action on Alert and add those profiles to the policy rules. That way you can also see what happens on that part.
Marcel
02-10-2011 10:17 AM
That is correct. You will put the trust and untrust zones in the policies and put any in the other field and allow the traffic. That way you will see all the applications.
If you also want to have visibility on the threats etc you can create a vulnerabilty, antivirus, spyware and URL profile with the action on Alert and add those profiles to the policy rules. That way you can also see what happens on that part.
Marcel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
