Meraki

Community

Default outbound rules

Solved
AnkitSharma1
Here to help
‎Apr 17 2024 7:30 PM
‎Apr 17 2024 7:30 PM

Default outbound rules

We have not defined any rules in outbound. I think this is not a good practice in terms of security. What rules should I allow in outbound rules, and if I set them as default, what are the risks?

 

AnkitSharma1_0-1713407411071.png

 

0 Kudos
1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 18 2024 9:55 AM
‎Apr 18 2024 9:55 AM

What you should define is very relative, there is no way to give an exact answer without knowing which applications and external ports you access.

The biggest risk would be if you have inbound rules for your network. To restrict external access, you can simply define the categories you want to block in Content Filtering.

But in general you can allow for example HTTPS, DNS, or anything else that is relevant to you.

If you have questions, I suggest you open a support case or consult your Meraki sales representative.

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering

 

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 18 2024 9:55 AM
‎Apr 18 2024 9:55 AM

What you should define is very relative, there is no way to give an exact answer without knowing which applications and external ports you access.

The biggest risk would be if you have inbound rules for your network. To restrict external access, you can simply define the categories you want to block in Content Filtering.

But in general you can allow for example HTTPS, DNS, or anything else that is relevant to you.

If you have questions, I suggest you open a support case or consult your Meraki sales representative.

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering

 

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 18 2024 2:44 PM
‎Apr 18 2024 2:44 PM

For a lot of SMBs, I usually rely purely on contenting filtering and IPS and allow all traffic.

For large companies I might only alow HTTP and HTTPS from everything internal, and then only named hosts (such as AD controllers) being allowed to send DNS queries.  I have some customers that are only allowed to access specific named web sites and nothing else.

For manufacturing companies, there might be entire networks with zero access to the Internet.

 

You'll have to give consideration to your security posture and risk, and then decide what is apropriate.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.