Hi all,
I am in the midst of the migrating my rule base from traditional mode to
simplified mode. During this process, I realized that, in order to maintain
the user access granularity that I had traditional mode, I would have to add
a lot of user-specific rules to my policy.
Everyone knows that FW-1 evaluates traffic against the rules in its policy
in a top-down fashion. My question: is FW-1 smart enough to differentiate
between user access (e.g. SecureClient) traffic from other kinds of traffic
so that it doesn't mindlessly try to evaluate non-user access traffic
against user access rules?
Thanks in advance to everyone on the list for any feedback that you can
provide.
Thai Nguyen
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
