Firewall: Part 3 – Create a few rules to access the internet

Hi all

In Part 2 you created the first three rules, which allow only trusted DNS servers and block all other connections at the end.

Now it’s time to create some policies/rules to access the internet and your email.

Internet access:

For your internet access you should create a policy like the following:

source: all internal
dest: all external
service: http, https
action: allow

To secure these connections, you should enable web security, antivirus and intrusion protection on this policy. The settings vary from firewall to firewall. To be safe – enable the NGFW features.

After this policy you should be able to connect to the internet.

Now it’s time to set up your mail service policies:
Before you can create a policy, you should think about which services you need.
– smtp
– pop3
– imap

Once you know which services you need, you can create your email firewall policy:

source: all internal
dest: your mail provider
service: smtp, pop3, imap (whatever you need – have a look at the FAQ of your email provider)
action: allow

To secure the connection – activate NGFW features on this policy too.

At the end of Part 3 you should be able to connect to the internet and send/receive emails.
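To check the rule order before changing the firewall, here is an added example (not part of the original post) that models the policies from Part 2 and Part 3 as an ordered rule list and evaluates sample connections against it. The addresses, the rule names and the first-match evaluation are assumptions; replace them with the values and behaviour of your own firewall.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the original post).
INTERNAL = ipaddress.ip_network("192.168.1.0/24")
TRUSTED_DNS = {"203.0.113.53"}
MAIL_PROVIDER = {"198.51.100.25"}
# Standard ports for the service names used in the post.
PORTS = {53: "dns", 80: "http", 443: "https", 25: "smtp", 110: "pop3", 143: "imap"}

def internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL

def external(ip):
    return not internal(ip)

def anything(ip):
    return True

# (name, source test, destination test, services or None for any, action)
POLICY = [
    ("dns-trusted", internal, TRUSTED_DNS.__contains__, {"dns"}, "allow"),
    ("web", internal, external, {"http", "https"}, "allow"),
    ("mail", internal, MAIL_PROVIDER.__contains__, {"smtp", "pop3", "imap"}, "allow"),
    ("block-all", anything, anything, None, "block"),
]

def evaluate(src, dst, port, policy=POLICY):
    """Return (action, rule name) of the first rule matching the connection."""
    service = PORTS.get(port)  # None for ports that no rule names
    for name, src_ok, dst_ok, services, action in policy:
        if src_ok(src) and dst_ok(dst) and (services is None or service in services):
            return action, name
    return "block", "implicit-default"  # fail closed if no catch-all exists

def shadowed(policy=POLICY):
    """Names of rules placed after a catch-all rule; they can never match."""
    for i, (_, src_ok, dst_ok, services, _) in enumerate(policy):
        if src_ok is anything and dst_ok is anything and services is None:
            return [rule[0] for rule in policy[i + 1:]]
    return []

if __name__ == "__main__":
    for conn in [("192.168.1.10", "203.0.113.80", 443),    # web server
                 ("192.168.1.10", "198.51.100.25", 143),   # mail provider, imap
                 ("192.168.1.10", "198.51.100.99", 25),    # smtp to another host
                 ("192.168.1.10", "192.0.2.53", 53)]:      # untrusted DNS server
        print(conn, "->", evaluate(*conn))
    print("shadowed rules:", shadowed())
```

A non-empty result from `shadowed()` means a rule was added below the block-all rule and has to be moved above it.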
