New Member

Filtering outgoing traffic?

A cohort is telling me that I should create ACLs for filtering outgoing traffic on the PIX 515E, version 6.2, limiting it to well-known protocols. My practice is to filter incoming traffic but to allow all traffic out. He states that filtering outgoing traffic will help derail any intruder that uses port 80 or ftp or whatever allowed port to come into the network, but then use a non-standard port out in a conversation that is originated from within, thereby opening a security hole. Is there any credence to this thought?

1 REPLY
Cisco Employee

Re: Filtering outgoing traffic?

Brent,

Well, it actually might not be a bad idea to limit your traffic like this. The more restrictive you are with your security policy, the less opportunity you provide to outside "guests". Depending on your security needs, I would actually support this configuration. Open standard ports, and unless someone can prove to you and/or your administration that they require other ports, keep it locked down.

Regards,

Bryan
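As an added illustration of the "open standard ports, deny the rest" policy Bryan describes (this is not configuration from either poster), the fragment below applies an egress access list on the inside interface of a PIX running 6.x-style syntax. The inside subnet 10.0.0.0/24 and the ACL name "outbound" are assumptions; adjust both to the real network.

```cisco
! Added example, not from the thread: egress ACL on a PIX 6.2-style firewall.
! Assumed inside subnet 10.0.0.0/24; the ACL name "outbound" is arbitrary.
! PIX access-lists take ordinary subnet masks, not inverse (wildcard) masks.
access-list outbound permit udp 10.0.0.0 255.255.255.0 any eq domain
access-list outbound permit tcp 10.0.0.0 255.255.255.0 any eq www
access-list outbound permit tcp 10.0.0.0 255.255.255.0 any eq 443
access-list outbound permit tcp 10.0.0.0 255.255.255.0 any eq ftp
! Everything else from inside is already dropped by the implicit deny at the
! end of the list; an explicit deny keeps a hit counter visible in
! "show access-list outbound", which is where unexpected outbound attempts show up.
access-list outbound deny ip any any
! "in interface inside" = traffic entering the PIX from the inside, i.e. leaving the LAN.
access-group outbound in interface inside
```

Only the initiating direction needs to be listed: replies to inside-originated sessions are admitted by the PIX's stateful connection table, and the default FTP fixup takes care of the FTP data channel. The security value is exactly the one the question raises: a host that has been compromised over an allowed inbound port can no longer call out on an arbitrary port, and every such attempt increments the deny counter, giving you something to watch.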
