Wednesday, November 13, 2019

Firepower - I want to convert port-rules to App Rules

I have a Firepower firewall that has about 500 access rules on it. The rules are all port-based, and I want to change them to be app-based. Now my worry is that it's not that simple to just swap ports to apps because of app-switching during a session. So say a user is using Office 365. Previously, they would just need 80/443 or whatever to get to the website. If I just change this rule to permit SSL and HTTP with application checking, there would now be a check to see what Office 365 app they are using, and an attempt to match that against a rule (so say they open the Office 365 Excel page, the converted rule will not recognise the app, so would block it). So I'm worried I might miss these kinds of rules. Is there some sort of migration tool for this to help me switch them over from port-based rules to app-based rules?


