Default outbound rules

AnkitSharma1
Here to help


We have not defined any rules in outbound. I think this is not a good practice in terms of security. What rules should I allow in outbound rules, and if I set them as default, what are the risks?

 


1 Accepted Solution
alemabrahao
Kind of a big deal

What you should define is very relative; there is no way to give an exact answer without knowing which applications and external ports you access.

The biggest risk would be if you have inbound rules for your network. To restrict external access, you can simply define the categories you want to block in Content Filtering.

But in general you can allow, for example, HTTPS, DNS, or anything else that is relevant to you.

If you have questions, I suggest you open a support case or consult your Meraki sales representative.

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.


2 Replies
PhilipDAth
Kind of a big deal

For a lot of SMBs, I usually rely purely on content filtering and IPS and allow all traffic.

For large companies I might only allow HTTP and HTTPS from everything internal, and then only named hosts (such as AD controllers) being allowed to send DNS queries. I have some customers that are only allowed to access specific named web sites and nothing else.

For manufacturing companies, there might be entire networks with zero access to the Internet.

You'll have to give consideration to your security posture and risk, and then decide what is appropriate.
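
The large-company policy described in the reply above, modelled as an ordered first-match rule list and compared with an empty outbound rule set. This is an added example, not part of the original thread and not Meraki configuration syntax; the subnets, host addresses and sample flows are constructed, and the allow-all fallback is an assumption standing in for the firewall's default rule.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    policy: str        # "allow" or "deny"
    protocol: str      # "tcp", "udp" or "any"
    src: str           # source CIDR, or "any"
    dst_ports: tuple   # destination ports; empty tuple means any port

def matches(rule, proto, src_ip, dst_port):
    if rule.protocol not in ("any", proto):
        return False
    if rule.src != "any" and \
            ipaddress.ip_address(src_ip) not in ipaddress.ip_network(rule.src):
        return False
    return not rule.dst_ports or dst_port in rule.dst_ports

def evaluate(rules, proto, src_ip, dst_port):
    """Check rules top-down; the first match decides the verdict."""
    for rule in rules:
        if matches(rule, proto, src_ip, dst_port):
            return rule.policy
    return "allow"  # assumption: implicit allow-all when nothing matches

# Constructed addressing: internal 10.0.0.0/8, AD/DNS servers at 10.0.0.10-11.
NO_RULES = []  # the situation in the question: no outbound rules defined
RESTRICTED = [
    Rule("allow", "tcp", "10.0.0.0/8", (80, 443)),   # web from everything internal
    Rule("allow", "any", "10.0.0.10/31", (53,)),     # DNS only from named hosts
    Rule("deny", "any", "any", ()),                  # everything else
]

# Constructed sample flows: (label, protocol, source IP, destination port)
FLOWS = [
    ("workstation HTTPS", "tcp", "10.1.2.30", 443),
    ("AD controller DNS", "udp", "10.0.0.10", 53),
    ("workstation DNS to external resolver", "udp", "10.1.2.30", 53),
    ("workstation SMTP", "tcp", "10.1.2.30", 25),
]

def compare(flows):
    """Return (label, verdict with no rules, verdict with RESTRICTED)."""
    return [(label, evaluate(NO_RULES, p, s, d), evaluate(RESTRICTED, p, s, d))
            for label, p, s, d in flows]

if __name__ == "__main__":
    for label, before, after in compare(FLOWS):
        print(f"{label:40} no rules: {before:6} restricted: {after}")
```

The two flows whose verdict changes (direct DNS from a workstation and outbound SMTP) are the ones to check against real application requirements before enforcing such a rule set.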
