It's also not recommended to block the 'world', instead consider rules to 'Permi
-
If I follow the logic in the note:
It's also not recommended to block the 'world', instead consider rules to 'Permit' traffic from selected Countries only.
I could see this idea as 2 different choices
Either I "Permit" my country
or
I could "Deny" my country but set the !inverse option in the Advanced inbound/outbound rules.Does one sound more appropriate than the other? They sound equivalent but the latter option would log all connections that were essentially blocked by the logic.
Screenshot attached
-
The package allows for different options to define the firewall rules…
There isn't one better than the other.... Its wants better for you network environment.... Your observations about the differences between those rule options is sound tho..
I will say that its best not to overload the widget statistics/Alerts Tab with useless information with packets that are already being dropped by the stateful implicit deny firewall rule and then concentrate on those Alerts that are important to review.
