MitchK
New Member
August 7, 2009
Question

Rules necessary both ways?

We want to filter out certain web sites with our Fortigate, preventing internal machines from reaching these sites. Must we have outgoing and incoming rules? It would seem that we would only need outgoing rules. However, in a typical firewall if you have no rules there is an implicit "deny all" rule. From what I read, Fortigate is the same way. So, must I have an explicit "allow all" rule for incoming, and then all my filtering profiles go in outgoing rules? Or can I get by with no incoming rules at all?

    2 replies

    RickP
    New Member
    August 7, 2009
    If your network is made up of internal users connecting to external resources, no incoming rules are required. It's true that a session with a web site (for example) is a two-way communication, but your users always initiate the session. The FortiGate unit keeps track of these allowed sessions and permits the connection recipient to send data back to your users, in response to their initial communication. The only time you need an incoming policy is if you want to allow an external user to *initiate* a session with an internal resource.
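    The behaviour described in the answer above, as an added illustration that is not part of the original thread and is not FortiGate code: a toy stateful firewall with a single outbound policy, an implicit deny-all, and a session table that lets reply traffic back in without any inbound policy. The zone split (10.0.0.0/8 as "internal"), the `blocked_sites` stand-in for a web-filter profile, and all packets are constructed for the example; a real FortiGate's session handling is considerably more involved.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed example addressing: everything in 10.0.0.0/8 is "internal",
# everything else is "external" (stands in for the firewall's interfaces/zones).
INTERNAL_NET = ip_network("10.0.0.0/8")


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    syn: bool = False  # True only for the first packet of a new TCP session


@dataclass(frozen=True)
class Policy:
    """One explicit allow policy. Only the *initiating* direction is stated;
    replies are covered by the session table, not by a second policy."""
    src_zone: str
    dst_zone: str
    dports: frozenset
    blocked_sites: frozenset = frozenset()  # hypothetical stand-in for a web-filter profile


class StatefulFirewall:
    def __init__(self, policies):
        self.policies = list(policies)
        self.sessions = set()  # (src, dst, sport, dport) keys of sessions a policy allowed

    @staticmethod
    def zone(addr):
        return "internal" if ip_address(addr) in INTERNAL_NET else "external"

    def handle(self, pkt):
        key = (pkt.src, pkt.dst, pkt.sport, pkt.dport)
        reverse = (pkt.dst, pkt.src, pkt.dport, pkt.sport)

        # 1. Packets belonging to an established session pass in either
        #    direction; this is what makes an inbound policy unnecessary.
        if key in self.sessions or reverse in self.sessions:
            return "allow (established session)"

        # 2. A non-SYN packet with no session state is not a reply to anything
        #    we sent, so it is dropped even if it arrives from an allowed port.
        if not pkt.syn:
            return "deny (no matching session)"

        # 3. A new session must match an explicit policy in its own direction.
        for pol in self.policies:
            if (self.zone(pkt.src), self.zone(pkt.dst)) != (pol.src_zone, pol.dst_zone):
                continue
            if pkt.dport not in pol.dports:
                continue
            if pkt.dst in pol.blocked_sites:
                return "deny (web filter)"
            self.sessions.add(key)
            return "allow (outbound policy)"

        # 4. No policy matched: the implicit deny-all applies.
        return "deny (implicit deny all)"


def demo():
    """Run constructed traffic through a firewall with a single outbound policy."""
    fw = StatefulFirewall([
        Policy("internal", "external", frozenset({80, 443}),
               blocked_sites=frozenset({"203.0.113.99"})),
    ])
    traffic = [
        # a user opens a permitted HTTPS site
        Packet("10.0.0.5", "203.0.113.10", 40000, 443, syn=True),
        # the site replies: allowed by the session table, no inbound policy needed
        Packet("203.0.113.10", "10.0.0.5", 443, 40000),
        # the user tries a site on the filter list
        Packet("10.0.0.5", "203.0.113.99", 40001, 80, syn=True),
        # an outside host tries to initiate a connection to the user's machine
        Packet("198.51.100.7", "10.0.0.5", 51000, 22, syn=True),
        # an outside host sends an unsolicited "reply" that matches no session
        Packet("198.51.100.7", "10.0.0.5", 443, 40002),
    ]
    return [fw.handle(p) for p in traffic]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

    Running `demo()` yields, in order: allow (outbound policy), allow (established session), deny (web filter), deny (implicit deny all), deny (no matching session). The second verdict is the point of the answer: the reply from the web site is admitted by the session the user opened, so the only policy in the configuration is the outbound one that also carries the filtering.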
    MitchK (Author)
    New Member
    August 7, 2009
    Thanks Rick, much appreciated.