Somewhat of a newbie.
I have to review several firewall configurations that I do not have responsibility for.
I am reviewing a small office that does no hosting with internet access for the office users.
I didn't create the configs, just have to review them.
The firewall config has several "access-list outside rules" stated.
access-list outside extended permit tcp any any eq ftp log
access-list outside extended permit tcp any gt 1023 any eq ftp-data log
access-list outside extended permit tcp any any eq www log
The access list is assigned to an interface:
access-group outside in interface Outside
There are no static routes defined for (inside outside) and the access list is not used anywhere else in the config.
Is this access list actually protecting any networks or hosts if there are no static routes defined?
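
Added example, not part of the original post: a Python sketch that automates the cross-check described above by listing where each ACL is bound, which permit entries are any-to-any, and whether any static translation lines exist. The function names are hypothetical, the `static (` prefix is an assumption about which statements the post means, and only `any`, `host X` and network/mask address forms are parsed.

```python
import re

# Constructed sample: the ACL and access-group lines quoted in the post.
SAMPLE_CONFIG = """\
access-list outside extended permit tcp any any eq ftp log
access-list outside extended permit tcp any gt 1023 any eq ftp-data log
access-list outside extended permit tcp any any eq www log
access-group outside in interface Outside
"""

def _addr(tok):
    """Consume one address spec: 'any', 'host X', or 'network mask'."""
    if tok[0] == "any":
        return "any", tok[1:]
    if tok[0] == "host":
        return tok[1], tok[2:]
    return f"{tok[0]} {tok[1]}", tok[2:]

def _port(tok):
    """Consume an optional port qualifier (eq/gt/lt/neq P, or range P1 P2)."""
    if tok and tok[0] in ("eq", "gt", "lt", "neq"):
        return " ".join(tok[:2]), tok[2:]
    if tok and tok[0] == "range":
        return " ".join(tok[:3]), tok[3:]
    return None, tok

def review(config):
    """Summarise ACL bindings, any-to-any permits and static translations."""
    report = {"bindings": [], "any_any_permits": [], "statics": []}
    for line in (l.strip() for l in config.splitlines()):
        acl = re.match(r"access-list (\S+) extended permit (\S+) (.+)", line)
        if acl:
            name, proto, rest = acl.groups()
            src, tok = _addr(rest.split())
            _, tok = _port(tok)          # source port qualifier, if any
            dst, tok = _addr(tok)
            dport, _ = _port(tok)        # destination port qualifier
            if src == dst == "any":
                report["any_any_permits"].append((name, proto, dport))
        elif line.startswith("access-group "):
            _, name, direction, _, ifname = line.split()[:5]
            report["bindings"].append((name, direction, ifname))
        elif line.startswith("static ("):    # assumed translation statement form
            report["statics"].append(line)
    return report

if __name__ == "__main__":
    for key, value in review(SAMPLE_CONFIG).items():
        print(key, value)
```

An empty `statics` list together with a non-empty `any_any_permits` list is the combination the question describes, which makes it a quick way to flag configs that need the same scrutiny.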