We have almost 600 SonicWalls in the field and we are really struggling with centralized management (GSM sucks) and the EPC for endpoints isn’t even a thing until you also put in an SMA. More $$$$ What are you guys using where these things are critical?
What else am I missing that I should consider. The firewall is the entry point to the network, we should be able to see more.
I am not new to servers, networking or hardware, but I am new to this side of things.
I have 60 WANs of differing types, but mostly consumer DSL and static IP broadband services. I need to keep all 60 and want to use all 60.
At first I was led to believe that I can use a Layer 2 switch to physically connect each WAN to (like a Cisco Nexus 3064T--but with sufficient ports) and then trunk it to my firewall appliance. The firewall appliance will then allow me to manage all 60 WANs through SD-WAN. This was my initial fairy tale.
However, another engineer told me I need to use a WAN aggregator (not a Cisco 3064T) ahead of the firewall. He mentioned A10 and F5 as two brands to look into, which left my head in a bit of a spin, so I need to ask whether an aggregator really is necessary for this to work period or is it just a way to reduce the count of WANs I expect the firewall to manage?
Thanks in advance to any input you can provide!
So I absolutely love the idea of the tweak and remember having Firewall IP7 back in the day.
My only question is... What do y’all look for when deciding whether to allow or block? I’ve just been allowing everything because I don’t know what I’m looking for.
I mean I’m sure I’d block it if it said something like “hackyourshit.com” is trying to connect but... other than that, it’s being allowed.
My Basic IoT VLAN Setup | My current IoT VLAN Firewall Rules | Chromecast-Specific Settings | Sonos-Specific Settings | Apple TV / AirPlay-Specific Settings | Roku-Specific Settings | HP Printer-Specific Settings
I'm working on Yet Another IoT VLAN guide, and trying to be as complete as pos...
Disclaimer: this tale does not contain any IT elements, but is definitely a support tale, so please give me the benefit of the doubt, because it mentions that mythical place called outside. As I have explained in my previous posts, I am part of a big company that builds and maintains lots of $BigExpensiveParts. Think of these $BigExpensiveParts as being best described as big metal boxes (think shipping containers) filled with electronics at many various locations spread around the country. The electronics feed back signals to a blinkenlights control panel in an office in a place that you have probably never heard of. If a blinkenlight goes out a technician is dispatched (level 1 support), then if the technician utters swear words due to an unusual situation a $troubleshooter like myself is called (think level 2 support).
Situation: we have a $BigExpensivePart that is located at the far end of a dirt track, and alongside the length of the track is / was a big brick wall. And when I say bi...
I [16M] am very upset with my parents since they added a firewall to our home WiFi. They did this without telling me, and since I frequently play video games on my PC, I immediately suspected something was wrong when my Discord wasn't loading up. I googled the issue and I found that half the websites I looked at to solve my issue wouldn't load and were blocked. Upon investigating I suspected they added a firewall to our WiFi, and my theory was confirmed when Snapchat wouldn't work on my phone with the WiFi on, but with data it worked fine. Now this is where I might have been TA. I stormed into my parents' room asking why they blocked so many websites except ones they enjoyed. (Instagram worked and I know that my father likes to scroll through it on a daily basis). Their explanation was that my sister has been using TikTok. I asked them if punishing me for something my sister did wrong was fine with them, and my dad shrugged and said that the firewall worked and that he could add websites and...
I know each vendor usually has a tool, but in my experience they're pretty crappy.
I've been thinking about starting an open source project, maybe creating a file format to import to/export from, and then creating scripts to translate to/from various firewalls. Not sure if something like this exists but I haven't found anything.
I do a lot of firewall migrations at my job, and I know each vendor has their own caveats and peculiarities (zones vs levels, etc.), but it seems like if I can abstract enough into concepts I could at least get the major parts to work like NATs, security rules, and VPNs.
Just announced, it looks super fast paced and fun honestly. But I'll hold my breath until I hear about their server solution.
App Firewall by u/yelow13 is available for free on BigBoss. It will prompt you when an app requests internet access - all whitelist rules can be configured from settings. Selectively prevents ads in most apps/games and even has a beta mode for system services.
Official Discord link here. My bounty for this can be found here. If you would like to request a feature or report a bug, reply to this thread and include device, iOS, jailbreak and App Firewall version.
Current Bugs (v1.1.1 on iOS 13.5):
I know this isn't necessarily the best place to vent frustration but I gotta say it somewhere lol.
After spending £80 (10 on the game, 50 on the aim controller and 20 on PS+) I gotta say Firewall Zero Hour is one of my most disappointing purchases ever.
I feel that the game should have a rounds system like other shooters, rather than kicking you in the lobby after one match (where people will most likely just leave/get disconnected) there should be at least 5 matches per game.
Also it seems I'm spending 80% of my time searching for a game and 20% actually playing the game. I go to lobby after lobby and people either leave or we never have enough players after 10+ minutes of waiting.
Anyone else have similar experiences to this?
Driven by a previous post I wrote on ICMP, I've spent a bunch of time looking at reliably detecting devices on a network that may have firewalls blocking pings. There's a bunch of other tools that do this (arpping for one), but I haven't seen anything in PowerShell. Ended up with a pretty cool solution that can scan a whole /24 in well under a second.
Discovered a bunch of other interesting stuff in the process, that's in there too... how long do you think Start-Sleep -Milliseconds 1 takes? :)
Is it possible to virtualize a router for labbing purposes? I'm wanting to virtualize a SonicWall to explore the GUI, learn its functionality and also mess around with setting up app control, VLANs and other stuff.
I've been running my pfSense box on an old computer and I'm considering getting maybe a smaller unit or a rackmount unit which uses less power.
What are people using these days? Are the WatchGuard red boxes still any good?
I'm not sure how common this is, but I have the fortune of working for a place that has permit ip any any rules on ASA firewalls, and we've been afraid to tackle that because we don't want to break anything.
Is there a methodical way to see what traffic is hitting the explicit permit on an inbound ACL so we can slowly create explicit rules and eliminate the explicit permit?
This is a video demo of Portmaster. This app shows all the requests being made on your computer in real time, and allows you to block or allow them at will. It shows the domains, not meaningless IP addresses. It's like uMatrix for your whole computer, not just your browser. It's like a firewall and Pi Hole had a baby.
Available for Windows and Ubuntu.
Safing website: https://safing.io/portmaster/
This app is free and open source. r/safing u/davegson
Greetings. First post.
I started a new job at a company that needs major network upgrades, including firewalls. Currently we have a main site (~100 users) with 20ish satellite offices (each about 5-15 users). We run site-to-site VPNs between locations, and are becoming more and more of an Office 365 and Azure shop, so interoperability with Azure doesn't hurt.
Currently running ASA5506x's at pretty much all locations so I'm looking to retire them all.
My key priorities are:
- Ability to be remotely managed
- Strong UTM capabilities
- SDWan would be nice
I did purchase a smaller Check Point for one location to try out and honestly have been underwhelmed with it.
Very interested in what Juniper is doing lately.
I love Meraki's "single pane of glass" management, but unsure of how the actual firewall is.
So oddly enough I am a WAN/LAN/IT guy by trade, but only ever buy brand new gear, and cost is seldom a concern for our company and clients. I have always been super lazy with my home network and run consumer crap, because ya know, plug it in, turn it on, fill out 2 questions, it just works.
I know it's odd that I'll configure complex(ish) switching fabric configs and then run a single wireless router at home, and quite frankly it's embarrassing.
I am also sick of consumer gear failing on the regular. My latest was a TP-LINK Archer C90 (AC1900) wireless router, and after 9 months it just stopped routing / NATting traffic properly. So I am temporarily running an old R7000 Nighthawk I have laying around running DD-WRT, but its WiFi is slow, and quite frankly I've never loved the DD-WRT GUI.
I am going to buy a Ubiquiti UniFi FlexHD because I think it's a beautiful piece of kit, and I think the UniFi controller interface is actually quite cool/interesting, and it's about time I switched to a w...
I haven't played Firewall in a bit, and figured that after it was offered free on PS Plus it might have improved, but nope. Even on a Saturday night I was sitting waiting in an empty lobby for a game to start. How is this possible and how have they not fixed this? Seriously! It's a fun game when you can get a game. I don't know why they don't offer different game modes. And if I have to wait so long then at least make the games last longer than 2 minutes.
For reference, I'm using a powershell script based on this one:
Just run the script to set the rules, fly into the tower, then when you leave, press ENTER again to remove the rules. I created a taskbar shortcut that launches the script to make it easier.
The reason this works is because BEAVER errors are due to miscommunication/networking issues between you and the other people in your "bubble" (patrol space, social space, etc.). If you block the ports that communicate with others, you will avoid the BEAVER error completely.
I got to thinking how much more clarity we could have with a higher render resolution of the PS5. You think they'll do it?
I need help understanding a few things here. I recently swapped our old Palo Alto firewall for a newer one. The firewall has multiple connections to an "ISP switch" (Cisco 2960XR) that is acting as a layer 2 switch. There is no aggregate here; the different PA interfaces are just for different traffic types. The configs on both Palo Altos are the same.
For the cutover I unplugged int 1 on the old PA and plugged it into the new PA and went down the line, just swapped all of the cables.
At this point everything looked good: we were able to get out to the internet, and the first internally hosted site I was able to hit, but then the second I couldn't. Some internally hosted sites we could get to and others we weren't able to. Running a packet capture we saw that the Palo Alto was dropping packets, but there was no real indication of why. We rebooted the PA, and on the ISP switch we cleared the MAC address table and ARP table. After about 5 hours of troubleshooting we figured what the hell and let's t...
Why do you need to allow heroes when the firewall pops up every single time? Why not just once?
6 hours ago we replaced the WatchGuard firewalls at a customer site with a new 100F firewall.
This went without issue and all services are working fine, except for some strange oddities with SMTP.
SMTP is working OK, so long as you're not on Yahoo! or have your email hosted by Office 365.
Inbound SMTP appears to work OK from any service provider. Outbound works OK for Gmail and Hosted Exchange from what we can see. However, if you're on Yahoo! or Exchange Online, the HELO, RCPT TO and MAIL FROM go just fine, but DATA does not flow.
Sanitised log below:
13-06-2020 16:12:10 3 SMTPClient [EDFF6B51] Thread started. Sending message (269AE74436)
13-06-2020 16:12:11 2 SMTPClient [EDFF6B51] (269AE74436) Sending message for: <SENDER>
13-06-2020 16:12:11 3 SMTPClient [EDFF6B51] (269AE74436) connecting to: 18.104.22.168:25
13-06-2020 16:12:11 3 SMTPClient [EDFF6B51] (269AE74436) Receive on HELO: 250 OK
13-06-2020 16:12:11 3 SMTPCl...
And if so, did they fare well?
Everything I'm reading about zoom is about their privacy failures, and a handful of patched security bugs within the app. I'm curious to hear your thoughts regarding blocking it outright vs. enforcing a minimum software version to keep people up to date. I'm conflicted because a LOT of people at my company use it regularly for both work and social activities and this is increasing our ticket counts drastically, but I also understand the value of security and privacy in the IT world.
How is your company dealing with this? What are some talking points and resources you've used to make any decisions regarding Zoom?
The pivot point on the bellhousing was taken apart and cleaned/greased. I didn't lube the cable before installing it because I didn't think it was necessary, but some people say it's needed on the non-OEM cables.
The quadrant does allow a tiny bit of slack.
Hi, as the title says I'm making the switch over to Ubiquiti from our current terrible mesh system.
The current idea and possibility is to have an access point on the top floor and second floor (wired with Ethernet). I also have a Ubiquiti switch.
Is it possible, for the ground floor where we have no Ethernet cables, to put a mesh/WiFi extender from Ubiquiti? And if so, what product do you suggest?
Furthermore, do you recommend changing to the Ubiquiti firewall, the Security Gateway, and is there a good use for the Cloud Key Gen 2?
Thanks a lot in advance, please let me know if I'm missing anything.
Hi all, after a few days of using a no-root firewall to control my outgoing traffic (especially the traffic that goes to China) I found that if you block the internet connection to some Xiaomi apps, the apps keep trying to connect to a Singapore server every minute and it destroys my battery. If I allow the apps they connect and stop, but I'm trying to prevent that. Is there any way to prevent the apps from trying to reconnect to the Alibaba server?
I debloated most of the apps but I'm not rooted and I don't like custom ROMs because they aren't stable.
I have a Mi 9T.
I'm sharing a link to a picture showing that: https://ibb.co/hMPX7yX
Steam currently uses the internet and I am trying to block it. I am trying to make a custom rule, but Steam makes its own custom rules to allow internet traffic.
Is there any rule or program that overrides, or at least is elevated above the level of, the custom rule that Steam uses? (This is because even if you change/delete/whatever the rule, it gets auto-made by steam.exe again.)
I know in the past many people have been using my DGA feeds at https://osint.bambenekconsulting.com/feeds for their firewalls (pfsense or using pfBlockerNG). Due to some implied lawsuit threats, I've had to make this a proper commercial offering but still intend to provide free access to home users, researchers, and charities.
So if you'd like to use my threat feeds that will protect you from about 60 families of malware, fill out this form: https://docs.google.com/forms/d/1rcLFEfSmo09lPQM8YT4VU3ixTwZ-1lK_0G5R3wk5oJY
If you're using it to protect a business or part of a commercial offering, you'll need to get a (affordable) paid license but I'm guessing that's very few people here.
Let me know if you have any questions.
Are there any STIGs for Meraki Firewalls? Has anyone hardened one for NIST compliance? Is it capable? Any advice here would be appreciated before I start re-inventing the wheel here...
So I'm on a OnePlus 6T with Android 10, rooted with Magisk. I have AdAway to get rid of ads but I'm trying to find a firewall (paid or free) which blocks the selected apps' internet connection when they're not in use. For example, if I select Uber, then Uber should/can ONLY connect to the internet when I launch the app; otherwise it should be blocked.
Any suggestions would be appreciated. Thanks!
Edit: So I tried AFWall+ but it doesn't seem to have what I'm looking for. The only app which had one is AdGuard, which also doesn't seem to work really well, at least in root mode. Perhaps any developer who's seeing this might be interested and bring this vision into reality. Thank you all for taking the time and commenting!
Just wanted to know what scenarios, setups or requirements would require you to get an XG firewall instead of a RED for branch offices? We have a lot of branch offices and 2 redundant XG firewalls at our HQ. Some VARs are proposing REDs, others are proposing smaller XGs for branch offices.
Just got a lovely email from Sophos: https://images2.imgbox.com/9d/e7/LP0TacpR_o.jpg
Looks like there was a SQL Injection vulnerability on the HTTPS Management and the User Portal that was being exploited.
Here's a link to the KB article they sent out: https://community.sophos.com/kb/en-us/135412
While they say that there would be a notification stating that the device was patched and whether or not the device was compromised, I have yet to see this notification on any firewall in our fleet (latest updates, hotfixes on, etc.).
Stay safe out there!
I'm working on a modular guide to setting up an IoT VLAN on UniFi equipment and Redditors have been kind enough to help test out my findings and settings before they show up in the final article.
I've already come up with:
This post is basically something to point people to while troubleshooting so they can see what the devices (and/or their companion apps) are trying to do on your network.
The first place to look is your router's syslog. Set your final "LAN IN" firewall rule (the one that blocks traffic from the IoT VLAN to the...
I'm evaluating a new 10 Gbps server setup for live streams, but no hardware firewall is provided by the hosting company and I can't use virtualization to run a VPS like OPNsense to protect the streaming VPS because I need top performance from the machine under heavy-load streams.
Therefore, what advice do you have for protecting a 10 Gbps machine nicely? The DDoS protection is provided by the host; could a "simple" iptables firewall and security software like OSSEC with active drop response be enough in the case of a brute-force attack?
Thank you for any advice.
I was wondering if any of you already have some experience with 10Gbit routing with basic firewall rules set up.
I want to create my own subnet for my servers to separate my clients and servers.
And in the near future I may upgrade some clients to 10Gbit, so some clients would be able to connect to the file server at 10Gbit network speeds.
Now I was wondering what kind of hardware would be needed to be able to process 10Gbit.
My plan is to just install Debian or CentOS and run a few simple firewall rules via nftables, so nothing especially demanding.
I hope to hear any recommendations or setups from you.
Will it happen this year? Or after the 2020 US elections?
I also have sharpshooter and I can use the flashbang.
I made sure the Firewall class is active, but for some reason I can't equip the cluster grenade. I do have it unlocked as well.
Historically firewalls haven't been an area we have dealt with, but we are now focusing a lot harder on the network security side for our clients.
We have tended in the past to outsource this to other 3rd parties but would now like to bring this in house.
In your experience as MSPs, which product is best suited for the SME market and for us MSPs to manage, maintain and support?
Typical Client Size is: 3 to 150 users max
Most clients with max 100Mbps connections, however a couple with 1Gbps connections
I have a dead PA Firewall, no HA, managed by Panorama.
The new firewall which will be replacing the dead one is already in transit.
My question is - how do I put the backup configuration from the dead firewall which is stored in Panorama onto the new firewall ?
I know the procedure but I am confused because I can find in Panorama a saved configuration (XML) but it seems to be incomplete.
There are also several committed configurations, but I don't know if I need to load them one by one (since they are incremental) or just the last one.
Thank you for your time
It's the specialisation based on fire, yet has very little fire buffs outside of burn duration.
I main a fire based status build so unlocked Firewall thinking it would be beneficial but so much of the perk tree is just.... meh. I mean Health on Kill? When is anyone ever going to use that
Even worse, you get the burn duration buff but the fire nades are on a completely different specialisation!?!?!?
Firewall could really do with Burn Duration then having the Incendiary grenade and the "team deals 10% to status effect" team perk.
It just makes no sense that the fire spec is pretty useless for fire damage.
I get that this might be a consequence of having only 3 specs then adding more, but they certainly need to be looked at so their perks, nades and spec line up
Hi everyone. I wanna start MC hosting stuff with a couple of my friends. We will use Bungee and Spigot stuff. My friend has knowledge about them and I have a bit of knowledge of Linux, but I'm not familiar with correct firewalling. Where do I need to start? Thanks...
EDIT: Both plugins, scripts, linux pkgs will be welcomed. I'm aware of security of BungeeCord.
Firewall iP allows you to block outgoing connections. It hooks into applications and will warn you if they attempt to access the internet. Includes a system-wide network notification UI for creating process/host-specific outgoing firewall rules in real time, along with an option to configure rules globally.