I’m trying to tidy up my firewall rule base

Asked By 20 points N/A Posted on -


I'm trying to tidy up my firewall rule base. One of my exchange servers is talking to a DC using ports that expected to see inter-DC replication. Example for this case is given below.

Example: Port 135, nbdatagram, nbname, 49155, domain-udp, and others

Without spreading around the DCs in the estate, all the traffic goes to one particular DC.

My exchange server is not a DC.

My question is, why it's happening so?

Please give me your solutions for this.


Answered By 10 points N/A #155862

I’m trying to tidy up my firewall rule base


Hallo Dee,

Here are points that will help you to tidy up your firewall rule base:

  • You will need to get rid of  fully shadowed ruleswhich are effectively useless. In case you have got SecureTrack, these will be detected by the Rule as well as Object Usage report.
  • You will need to delete expired and unused rules and objects. All of these  can be detected using the Rule and Object Usage and the Expired Rules reports.
  • Remove unused connections – specific source/destination/service routes that are no longer  in use. You can be able to detect them with the use of the Automatic Policy Generator to analyze traffic patterns.
  • Enforce object naming conventionswhich will make the rule base a lot easier to understand. For instance, you can use a consistent format for instance host_name_IP for hosts.

Hope this helps.




Login/Register to Answer

Related Questions