![]() Make sure you’re applying essential protection to all your firewall rules. You can easily snap-in protection policies to your Firewall Rules If you are on v18 already, review all your NAT rules to ensure all are required and adequately protected by a corresponding firewall rule. If you are on v17.x we suggest you upgrade to v18 for the latest NAT rule enhancements. VPN and MFA provide much better security for remote access to internal network resources. In particular, disable all non-essential port-forwarding rules, and re-evaluate if any of the port-forwarding rules you have can be better accommodated via VPN access or, at the very least, multifactor authentication.Įxposed services and servers through port forwarding are one of the top ways hackers breach your network. Then, go through your firewall rules to examine all the active rules to ensure they are needed and proper protection is being applied. Start by checking the ‘Active firewall rules’ widget on the Control Center to identify unused rules: Ensure you don’t have any unnecessary or unused rules that are presenting openings that hackers can take advantage of. It’s very important that you periodically review all your firewall rules to ensure that there are no avoidable “openings” in your network. If your firewall has been running for a while, you may have dozens or even hundreds of firewall rules you’ve added over time. If you’re new to XG Firewall or v18, check out the introductory video on Firewall Rules and the What’s new in v18 for Firewall Rules video. Hence, it’s essential to protect your network by applying security policies to these firewall rules. Of course, by design, your firewall blocks all network traffic – your network is completely locked down – but you enable traffic to flow by creating firewall rules.įirewall rules enable your network to function, but they also create opportunities for hackers, ransomware, and malware to enter. ![]() INSTRUCTIONS: ‘How to download firmware updates’ ► VIDEO: ‘Firmware update and roll-back’ ► Firewall rule and protection policy recommendations You can get the latest v18 release for your XG Firewall from MySophos. Web Server Protection – Essential if you have any servers that require public internet accessĪlways keep your firmware up to date to ensure you have the latest security, performance, and reliability updates.Email Protection – Essential for anti-spam and phishing attack protection.Sandstorm Protection – Essential for the latest threat protection using artificial intelligence and sandboxing analysis.Web Protection – Essential for web security and control and application control.Network Protection – Essential for IPS, advanced threat protection, and botnet protection.On your XG Firewall go to Administration > Licensing and ensure you have these essential network protection subscriptions: ![]() Contact them at Double check your protection licenses If you don’t have time to perform these steps, the Sophos Professional Services team of network experts is available to help ensure your firewall is configured optimally. ![]() To ensure your XG Firewall is protecting your network optimally, follow these best practices after initial setup or periodically. There’s also a great list of articles and videos to review on the Initial Setup Community Forum. INSTRUCTIONS: ‘How to deploy in gateway mode’ ► VIDEO ‘Registration and setup wizard’ ► Get familiar with XG firewallĪfter the initial setup, review our extensive library of Getting Started How-To videos and the Documentation for XG Firewall. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |