Trans-zone SMB BWM: any howto available?
Guru Member
I have computer on DMZ and Backup destination on LAN1.
I'd love to regulate bandwidth between for SMB/CIFS between these two hosts (on different zones and interfaces) for allowing smooth backups while not killing the firewall performances/services between zones (and internet).
Security policy with time condition: achieved.
BMW? How can I identify the service correctly using service groups?
All Replies
-
So the LAN1 host will be downloading from host in DMZ?
It be better to set default inbound/outbound priority to 6 and make a rule like this at priority 7:
0 -
@PeterUK well…
So the LAN1 host will be downloading from host in DMZ?(lacking of quoting features make me feel unconfortable)
not quite… DMZ host will upload data, and sometimes verify it (thus reading) and… deleting. Application is instructed to check and purge the older backups.
Honestly TCP:445 seem "not enough" to me, needing also other nice things like NetBios and such. However… Might be worth the try.
It's also quite unconfortable that TCP:443 is marked "NetBIOS_TCP2". Not SMB or CIFS.
0 -
It be some what safer not to upload from DMZ to LAN1
If you was to Wireshark a backup you would see what ports are needed/used
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
