If I have 2 subnets that need port 80 and 5000 open to subnet 3, is it better to create one firewall rule for each or combine them?
allow--TCP, subnet1, subnet 2, source port any, destination subnet 3, destination port 80, 5000.
OR
allow--TCP, subnet1, source port any, destination subnet 3, destination port 80.
allow--TCP, subnet1, source port any, destination subnet 3, destination port 5000.
allow--TCP, subnet2, source port any, destination subnet 3, destination port 80.
allow--TCP, subnet2, source port any, destination subnet 3, destination port 5000.
Does it make a difference to Meraki or to the processing speed?
Thanks!
I wouldn't say for processing reasons, but I personally (when possible) prefer to create a single rule if the objective is the same; this makes the configuration much "clearer".
Hello,
Regarding your query, here's a breakdown:
The optimal choice depends on the specific security policies and requirements of your network. Please let me know if this information addresses your question.
I do both.
The benefit of option 1 is the firewall rule base in the GUI is more concise.
The benefit of option 2 is you can see the individual rule hits to see if traffic is flowing.
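As an added illustration (not from the thread or from Meraki), the two options modelled as a tiny first-match rule evaluator: both rule sets reach the same allow/deny decision for every flow, but only the expanded set (option 2) yields a per-rule hit count, which is the visibility trade-off described above. The subnets, the sample flows and the evaluator's matching semantics are assumptions.

```python
from collections import Counter
from ipaddress import ip_address, ip_network
from itertools import product

# Constructed subnets for illustration; not the poster's real addressing.
SUBNET1 = ip_network("10.1.0.0/24")
SUBNET2 = ip_network("10.2.0.0/24")
SUBNET3 = ip_network("10.3.0.0/24")

# A rule is (action, protocol, source subnets, destination subnet, destination ports).
# Option 1 from the question: one combined rule.
COMBINED = [("allow", "tcp", [SUBNET1, SUBNET2], SUBNET3, [80, 5000])]

def expand(rules):
    """Option 2: one rule per (source subnet, destination port) pair, in question order."""
    return [(action, proto, [src], dst, [port])
            for action, proto, srcs, dst, ports in rules
            for src, port in product(srcs, ports)]

EXPANDED = expand(COMBINED)  # four rules

def evaluate(rules, flow):
    """First-match evaluation with an implicit deny; returns (action, rule index or label)."""
    proto, src, dst, dport = flow
    for idx, (action, rproto, srcs, rdst, ports) in enumerate(rules):
        if rproto == proto and any(src in s for s in srcs) and dst in rdst and dport in ports:
            return action, idx
    return "deny", "implicit deny"

def hit_counts(rules, flows):
    """Per-flow decisions plus a per-rule hit counter (what the rule table would show)."""
    counts, decisions = Counter(), []
    for flow in flows:
        action, idx = evaluate(rules, flow)
        decisions.append(action)
        counts[idx] += 1
    return decisions, counts

# Constructed sample flows: (protocol, source, destination, destination port).
FLOWS = [
    ("tcp", ip_address("10.1.0.5"), ip_address("10.3.0.10"), 80),
    ("tcp", ip_address("10.2.0.7"), ip_address("10.3.0.10"), 5000),
    ("tcp", ip_address("10.2.0.7"), ip_address("10.3.0.20"), 80),
    ("tcp", ip_address("10.1.0.5"), ip_address("10.3.0.10"), 22),  # port not in rule
    ("udp", ip_address("10.1.0.5"), ip_address("10.3.0.10"), 80),  # wrong protocol
    ("tcp", ip_address("10.9.0.1"), ip_address("10.3.0.10"), 80),  # source not covered
]

if __name__ == "__main__":
    for name, rules in (("combined", COMBINED), ("expanded", EXPANDED)):
        print(name, *hit_counts(rules, FLOWS))
```

With the combined rule every allowed flow lands on rule 0, so an unused source/port pair is invisible; with the expanded rules a zero hit count on a single line points straight at it.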
Option 2 for me; as mentioned by Philip, it makes logs much easier and quicker to read.
Thank you all for the input. I imagine option 2 would make the list in the firewall quite large, but maybe easier to manage and decipher.