So we use Palo Alto firewalls, for better or worse, and I have a couple of pfSense boxes in my not-this-client's space. So let's say someone has set up their WireGuard to use a common UDP port, say 53/DNS, or 443/HTTPS, or 853/DNS-TLS, or whatever. (Though I'm not sure that 443 or 853 will apply to this thought train because the protocols are TCP. But anyway, you get the idea.)
There's not a Palo Alto App-ID for WireGuard (that I saw anyway). So how will I be able to definitively determine if some person is using WireGuard from my inside to their outside?
Or even not definitively... maybe just a heads-up warning that doesn't get lost in the noise?
Disclaimer: it's probably obvious I haven't dug into WireGuard much. Yet.
Thanks!
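
One heuristic for the question above, as an added example that is not part of the original post: WireGuard's handshake messages have fixed sizes and a fixed 4-byte prefix, so UDP payloads can be matched by shape on any port. The message layout comes from the WireGuard protocol specification; the function names, flow tuples and sample packets are constructed for illustration.

```python
# Added example: shape-based WireGuard detection over captured UDP payloads.
# type byte -> (message name, exact UDP payload size in bytes)
HANDSHAKE_SIZES = {1: ("handshake_initiation", 148),
                   2: ("handshake_response", 92),
                   3: ("cookie_reply", 64)}

def classify_wireguard(payload: bytes):
    """Return the WireGuard message a UDP payload is shaped like, or None."""
    if len(payload) < 32:
        return None
    # Every message starts with a 1-byte type and three reserved zero bytes.
    if payload[1:4] != b"\x00\x00\x00":
        return None
    msg_type = payload[0]
    if msg_type in HANDSHAKE_SIZES:
        name, size = HANDSHAKE_SIZES[msg_type]
        return name if len(payload) == size else None
    # Transport data: 16-byte header, padded ciphertext, 16-byte tag, so the
    # length is a multiple of 16 (a keepalive is exactly 32 bytes).
    if msg_type == 4 and len(payload) % 16 == 0:
        return "transport_data"
    return None

def flag_flows(packets):
    """packets: (inside_ip, outside_ip, outside_port, payload), both directions
    normalised to one flow key (assumed input format). Returns
    {flow: "low" | "high"} for flows containing a handshake initiation."""
    seen = {}
    for inside, outside, port, payload in packets:
        name = classify_wireguard(payload)
        if name:
            seen.setdefault((inside, outside, port), set()).add(name)
    # Initiation alone is a heads-up; initiation plus a reply or data is strong.
    return {flow: ("high" if len(names) > 1 else "low")
            for flow, names in seen.items() if "handshake_initiation" in names}

# Constructed sample payloads (zero-filled bodies, not real captures).
INIT = b"\x01\x00\x00\x00" + bytes(144)
RESP = b"\x02\x00\x00\x00" + bytes(88)
KEEPALIVE = b"\x04\x00\x00\x00" + bytes(28)
DNS_QUERY = (b"\x1a\x2b\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
             b"\x03www\x0bexample-org\x07example\x00\x00\x01\x00\x01")
SAMPLE = [("10.0.0.5", "198.51.100.7", 53, INIT),
          ("10.0.0.5", "198.51.100.7", 53, RESP),
          ("10.0.0.5", "198.51.100.7", 53, KEEPALIVE),
          ("10.0.0.8", "192.0.2.53", 53, DNS_QUERY),
          ("10.0.0.9", "203.0.113.4", 443, INIT)]

if __name__ == "__main__":
    for flow, level in flag_flows(SAMPLE).items():
        print(level, flow)
```

The check looks only at payload shape, so it is a triage signal rather than proof: a match on a port such as 53 is worth a closer look because real DNS queries do not start with this prefix at these exact sizes.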