Hi All,
I've been browsing around this forum and the web for the past of days and have got myself turned around in circles
Basically I'm changing jobs and the firm I'm joining as virtually no protection. Due to budgets etc I'm thinking of using Endian EFW 2.4 respin but am coming from a ISA 2006 background.
So far I'm loving what I am seeing with Endian, successfully installed and joined my lab domain and can reach the web but I'm looking to lock down access to the users (with authentication).
If I can explain how I've setup ISA in the past itmay help you understand what I am after.
ISA was a perimiter firewall - 1 green and 1 red interface. By default all ports are blocked in ISA and you would have to manually create a new policy/access.
eg:
1: Name: Default - Action: Deny - Protocols: All Trafic - From: All Networks - To: All Networks - Condition: All Users
I would then create:
2: Name: Allow HTTP - Action: Allow - Protocols: HTTPS - From: Internal (green) - To: External (red) - Condition: SG-Allow-HTTP
3: Name: Allow FTP - Action: Allow - Protocols: FTP - From: Internal (green) - To: External (red) - Condition: SG-Allow-FTP
The "Condition" element is a Windows AD security group. So if you are not a member of say "sG-Allow-FTP" then your FTP access request would be denied.
So... what I am after is more or less a completely locked down Endian system and then manually creating the access rules for AD user groups.
Can anyone please be kind enough in helpig me figure out this type on configuration within Endian?
Maybe I'm getting myself confused with the Firewall page and the Proxy page?
Thanks in advance and be prepared for possibly many more posts
Cheers
Author