|
|
#2
October 7th, 2003, 05:48 PM
|
|||
|
|||
Re:Kerio 4 and lns rules ;)
Quote:
Probably only through a lot of manual effort... But besides that it may not be practical. Different rules based firewalls have different ways of accomplishing things, and they generally require rules to be developed that are specific to that firewall. If a firewall approaches a function differently, the rules needed may be different to provide the same security. Here's a thread where BlitzenZeus was trying to configure LnS as he configured his Kerio 2.1.5 and had some difficulties because the two firewalls do things differently. While this is not exactly what you are asking, I think it shows that you must develop rules specifically to the firewall you are using. LooknStop vs Kerio PF |
|
#3
October 7th, 2003, 06:34 PM
|
||||
|
||||
|
Re:Kerio 4 and lns rules ;)
At this time the logging doesn't work correctly in 4x still, so I don't suggest you use it as can't really prove what your rules are doing, and unless an application is attached to a rule it won't log so that complicates the process of finding conflicting settings. I suggest you don't use 4x at this time, and if your going to run any version, run 2x.
Well, some rules you will have to ditch: --You cannot filter by packet flags, but Kerio does use a stateful method to block flagged packets. --No arp filtering So once you drop those you have a basic firewall configuration without any appliction specific settings, basically a hardware firewall configuration in a sense. Personally, if you want to use his ruleset I suggest you use LnS, and if you want to use Kerio, use the features of the firewall like the rule based application filtering. These are two different beasts even though they are both rule based.
__________________
Yesterday we obeyed kings, and bent our necks before emperors. But today we kneel only to the truth. -Kahlil Gibran |
|
#4
October 7th, 2003, 06:53 PM
|
||||
|
||||
|
Re:Kerio 4 and lns rules ;)
Hi kamui
As LWM suggests, it would have to be a manual effort. You could use some of your LnS rules as a guide/template for rules in Kerio, but others would have to be created from scratch. While both are rule based, they have different approaches to how rules are processed, created and function. Application control is also different. Just make sure you have good understanding of how the new Kerio works (as it differs from v2.x), and you should not have much trouble constructing a rule set. You may also want to look at the v2.x of Kerio as it is still preferred by many. Regards, CrazyM
__________________
"The best thing we can do in cyberspace is exactly what we do in the real world: do our best to manage the risks." - Bruce Schneier |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
