Afternoon oh wise ones
Wondering whats peoples opinions on this cause I'm beginning to lean towards no.
Background wise, I'm on a network cleanup since there's been a a huge amount of change over the last couple of years with all the focus being on next new project instead of proper configuration and monitoring of the everything that's just been put in (basically the get it works and deal with the rest never attitude).
As a result, the amount of traffic being blocked at the firewall generated by every application, OS, IoT device etc trying to dial home/get updates/god knows what else is making a proper baseline really difficult.
I've started going through it all to see what exactly is causing it all and will hopefully be able to solve the majority at the application level but stuff I can't (or the owner wont) I'm leaning towards an explicit block rule with logging disabled so we can focus on actual new behaviors.
How do you all approach this?
No comments:
Post a Comment