[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] When should ANY be used, if ever?
Remember that "Any" is ANY not always. But, in your case, it may be
better to use the "negate" function and begin permiting limited access
that way.
Peter Lukas
On Fri, 19 Jan 2001, Allan Pratt wrote:
>
> Hi,
>
> In the source, destination and protocol fields, should ANY ever be used?
>
> I was thinking that it would be better to use inverse points, as an example,
> support you wanted all Internal networks to access the Internet, normally it
> is written:
>
> Internal_Net = Any = Any
>
> Would it not be better to not use ANY in the destination and inverse the
> DMZ.
>
> That way it would be Any network BUT the DMZ or whatever should be
> restriced.
>
> Any thought?
>
> Thanks,
>
> Allan
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================