@djkershaw wrote:
Hello,
Could you help me understand the differences between best practices, or should I say bad habits, learned elsewhere for firewalls and ACLs and best practices for Aruba?
Some specific things come to mind for an Aruba controller:
- Is there EVER a reason to have the firewall do a reject? My previous experience is that you do not want to do this, as it gives the intruder information. With the exception of troubleshooting, it should be avoided. Am I missing something?
- Rules should start with specific and go to general. Correct?
- Are there any differences to be aware of from elsewhere?
Regards,
David
The paradigm is pretty much the same.
One reason why you would do a reject is for performance: there are some clients that will introduce a wait state when there is no response, as opposed to moving on to a different method of communication when there is a reject. This is only one example that is not specific to Aruba; I am sure there are others.