Understanding implicit outbound rule.

kendalle01
Level 1

On a PIX firewall, the first rule states that any host can go to any destination on the inside interface. Does this rule allow any traffic from the network to get outside the firewall? The reason that I ask is that I've been told we need to block traffic going out as well as traffic coming in. Our PIXs are set up (I believe) to let anything go out but curtail anything coming in. Is it suggested to control what's going out as well?

2 Replies

nkhawaja
Cisco Employee

Just to clarify: you have a rule applied on the inside interface stating "permit any any"; if so, this applies to traffic going outside.

Yes, it is advisable to control your outbound traffic, due to the fact that an inside host can be compromised and start blasting traffic towards the Internet, hence choking your Internet link, or an inside host is compromised and becomes the source of an attack.

jackko
Level 7

The PIX by default will permit any traffic originating from a higher security level to a lower security level, such as from inside to outside or from the DMZ to outside, provided nat/global or static has been configured.

So I believe the PIXes you've got are configured to permit all outbound traffic.

Further, I guess whether to permit or restrict outbound traffic is based on the security policy.
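To make the two replies concrete, here is an added configuration example (not posted by either reply, and not taken from any specific PIX) showing the "everything out by default" state both replies describe, next to an explicit outbound access-list that implements an egress policy. It assumes PIX 6.x command syntax, interface names "inside" and "outside", the example address 192.0.2.53 as the organisation's own DNS resolver, and an inside network of 10.0.0.0/8; all of those are placeholders chosen for illustration.

```cisco
! --- Default state described above: nothing restricts outbound traffic. ---
! Security levels: inside=100, outside=0. With nat/global in place, any
! inside host may initiate a connection to any outside destination.
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
! An explicit "permit ip any any" applied inbound on the inside interface
! changes nothing: it states the implicit behaviour out loud.
access-list inside_out permit ip any any
access-group inside_out in interface inside

! --- Egress filtering: only the traffic the security policy needs leaves. ---
! Applied "in" on the inside interface, i.e. to packets arriving from
! inside hosts and heading out. Replace the earlier access-list first.
no access-list inside_out
! Web browsing from the inside network.
access-list inside_out permit tcp 10.0.0.0 255.0.0.0 any eq www
access-list inside_out permit tcp 10.0.0.0 255.0.0.0 any eq https
! DNS only to the organisation's own resolver (placeholder address).
access-list inside_out permit udp 10.0.0.0 255.0.0.0 host 192.0.2.53 eq domain
! Everything else from inside is dropped and logged, so a compromised host
! that starts "blasting" traffic shows up in the logs instead of on the link.
access-list inside_out deny ip any any log
access-group inside_out in interface inside
```

The deny line with the "log" keyword is what turns egress filtering into a detection control as well as a containment one: unexpected hits on it (a host suddenly trying SMTP, IRC or arbitrary high ports outward) are a direct indicator of the compromised-inside-host scenario the first reply warns about. Whether the permit lines are this tight is, as the second reply says, a matter of the site's security policy.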