[isapros] Re: ISA Rule Names
- From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Wed, 16 May 2007 08:54:15 +1000
Indeed and I wouldn't even consider that large..compared to other larger
businesses
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Steve Moffat
Sent: Wednesday, 16 May 2007 8:49 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA Rule Names
4000 rules..lol
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Greg Mulholland
Sent: Tuesday, May 15, 2007 7:37 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA Rule Names
I guess it kind of is but I still think of it as a potential improvement to
the overall we display rules, but that's great to know Jim I look forward to
it!
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Jim Harrison
Sent: Tuesday, 15 May 2007 11:03 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA Rule Names
Maybe I'm listening with the wrong eye, but this sounds like two different
questions?
"What naming convention works for you?" is a bit different than "I want to
find out what rules apply to <blah>".
As far as rule names, keep it short, but clear. This way, it makes sense on
first glance. Details should be in the "Description" field.
We're working on a "rule-alyzer" that should make Greg (and many others)
happy, but no firm release date yet.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Greg Mulholland
Sent: Tuesday, May 15, 2007 3:55 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA Rule Names
Jason
I have been waiting for an easier way to handle large rulesets in ISA for a
few releases now. Im praying 2008 holds the key. I would like the filtering
or sorting of rules to be a little better so I can find what I am looking
for without having to go through 4000 rules to find what im looking for.
I generally try to give as concise a name but whilst still providing me the
info of what the rule does without having to open it up. I'd also like to
know how other places do it. Ive seen it work in "dare I say it" checkpoint
and there rule filtering is great!
Tom, Jim, im sure you cant say but will there be any improvements/changes on
this front in 2008. A nod or a wink will suffice!
Greg
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Jason Jones
Sent: Tuesday, 15 May 2007 8:07 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] ISA Rule Names
Hi All,
Quick off the wall question.
I was wondering if any of you use some form of system for naming ISA rules.
As you can imagine, in a complex environment it is often quite easy to get
to a large number of rules and hence the actual rules name become more
important to understating which rule does what .
Up until now, I have always used quite wordy names like 'Allow Access from
Exchange Frontend Servers to Exchange backend Servers' or similar. I have
also used prefixes like 'Inbound:' or 'Outbound:' or 'Management:' to try
and give a basic indicator to the rule purpose.
Am I better having simple rule names (maybe based upon application or
function?) and do all the wordy stuff in the rule description field???
Any comments or suggestions would be really welcome, especially from people
who have used ISA with large rule sets, maybe for big company edge ISA
firewall. How do MS do it for their edge ISAs??
I know it is not that important at the end of the day, but just curious for
feedback.
Thanks
JJ
All mail to and from this domain is GFI-scanned.
Other related posts:
