locked
Access rule RRS feed

  • Question

  • Hi All!

    I have specific programm that need to create protocol definition "UDP 87, send receive"

    Is it enough to set allow "All outband traffic" for that computer

    or it is necessarily  to create that protocol definition?

    Thank you!


    MCSE:Security, MCITP:Enterprise Administrator
    Monday, August 16, 2010 8:55 AM

Answers

  • Hi,

    If you set it to "All Outbound traffic" all traffic will be allowed. If you create a protocol definition you are narrowing down on precisely what needs to be allowed.

    Creating a protocol definition and allowing only what you need would be more on the safer side.

    HTH


    Shijaz Abdulla | Microsoft Qatar | Blog: microsoftnow.com
    Monday, August 16, 2010 12:34 PM

All replies

  • Hi,

    If you set it to "All Outbound traffic" all traffic will be allowed. If you create a protocol definition you are narrowing down on precisely what needs to be allowed.

    Creating a protocol definition and allowing only what you need would be more on the safer side.

    HTH


    Shijaz Abdulla | Microsoft Qatar | Blog: microsoftnow.com
    Monday, August 16, 2010 12:34 PM
  • As Shijaz Abdulla said, the main idea is always create specific access rule. It's more secure and you save bandwidth. You can create to a specific computer(s) or user(s)...
    Eduardo Petizme.com @ MVP
    Monday, August 16, 2010 12:53 PM
  • If Protocol UDP 87  is not already defined, then even when using All Outbound Protocols , your traffic will not function as the required protocols is not included.

     

    All Outbound protocols means all the protocols that are already created and built in into ISA/TMG.

    so you will need to create UDP 87 if its not already there. and then create a rule to allow it.


    Tarek Majdalani | MS Forefront Edge Security MVP | http://www.elmajdal.net
    Saturday, September 4, 2010 10:20 AM
    Moderator