[isapros] Re: ISA Rule Names
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Tue, 15 May 2007 06:26:31 -0700
Think of it like your server naming conventions.
Each customer has different needs and desires, so this is where you have
to concentrate.
Given the choice, I tend toward the "protocol [from X] to Y" format,
such as: "RDP to Jason", or "Kitty Porn Server to Internet" (KPS being a
custom protocol, if course). This way, the main details are in a short
name. If I need any further info, such as "1d10t ISV thinks 'allow all'
is a good idea", it goes in the "Description" field.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jason Jones
Sent: Tuesday, May 15, 2007 6:16 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA Rule Names
Happy for answers to both questions if you think there are two J
Just trying to get some feedback on naming standards for both clarity
and purpose...
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: 15 May 2007 14:03
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA Rule Names
Maybe I'm listening with the wrong eye, but this sounds like two
different questions?
"What naming convention works for you?" is a bit different than "I want
to find out what rules apply to <blah>"...
As far as rule names, keep it short, but clear. This way, it makes
sense on first glance. Details should be in the "Description" field.
We're working on a "rule-alyzer" that should make Greg (and many others)
happy, but no firm release date yet.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Greg Mulholland
Sent: Tuesday, May 15, 2007 3:55 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA Rule Names
Jason
I have been waiting for an easier way to handle large rulesets in ISA
for a few releases now. Im praying 2008 holds the key. I would like the
filtering or sorting of rules to be a little better so I can find what I
am looking for without having to go through 4000 rules to find what im
looking for.
I generally try to give as concise a name but whilst still providing me
the info of what the rule does without having to open it up. I'd also
like to know how other places do it. Ive seen it work in "dare I say it"
checkpoint and there rule filtering is great!
Tom, Jim, im sure you cant say but will there be any
improvements/changes on this front in 2008. A nod or a wink will
suffice!
Greg
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jason Jones
Sent: Tuesday, 15 May 2007 8:07 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] ISA Rule Names
Hi All,
Quick off the wall question...
I was wondering if any of you use some form of system for naming ISA
rules. As you can imagine, in a complex environment it is often quite
easy to get to a large number of rules and hence the actual rules name
become more important to understating which rule does what .
Up until now, I have always used quite wordy names like 'Allow Access
from Exchange Frontend Servers to Exchange backend Servers' or similar.
I have also used prefixes like 'Inbound:' or 'Outbound:' or
'Management:' to try and give a basic indicator to the rule purpose.
Am I better having simple rule names (maybe based upon application or
function?) and do all the wordy stuff in the rule description field???
Any comments or suggestions would be really welcome, especially from
people who have used ISA with large rule sets, maybe for big company
edge ISA firewall. How do MS do it for their edge ISAs??
I know it is not that important at the end of the day, but just curious
for feedback...
Thanks
JJ
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
Other related posts:
