Friday, January 22, 2021

Deny outbound by default - question?

We have a lot of small business clients who often have a single DrayTek router/firewall - by default outbound traffic is set to allow all. Recently we set up some firewall rules on a client's guest wireless network to only allow 80/443 outbound. This caused several issues with things like iMessage, WhatsApp on staff mobiles and some other services.

So my question is, when setting a default deny all outbound, how do you know what ports to allow for all the different services? Do proper firewall/UTM solutions have built-in rules to easily allow this kind of traffic, or is it a manual process of seeing what doesn’t work and finding the ports it uses?


