Deny all outbound traffic except 80, 443 from a seperate proxy server ??

Unanswered Question
Jan 20th, 2009
User Badges:

Was wondering what the best practice is for this type of setup ??

Do I add a deny all on the OUTSIDE interface, or is best to add it to the INSIDE interface ???

Any suggestions appreciated.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Tue, 01/20/2009 - 06:43
User Badges:
  • Purple, 4500 points or more

Depends. Do you have DMZ devices that should be restricted from your inside users? I would say keep it consistent; don't apply them outbound on some and inbound on others. Make troubleshooting easier, not harder.

Hope that helps.

tanania2005 Tue, 01/20/2009 - 07:17
User Badges:

No ... in the DMZ I only have a reverse proxy.

Thats what I was expecting to hear ..

Thanks for your help.


This Discussion