Use case of application control
I must allow Webex on my Firebox (M570). (And probably other applications using different ports in the future.)
For Webex, I have to open ports 5004 UDP/TCP and 9000 UDP.
I don't like to open ports. Each conference tool has custom ports, and if I allow them all, I have a lot of open ports, which I think is not safe: some trojan/virus could use them to connect to the outside.
For the specific case of Webex, I had the idea to create the following rule:
- Port 5004 TCP, port 5004 UDP, port 9000 UDP (HTTP rules are already covered by previous rules)
- From: any-trusted
- To: any-external (to be sure I don't miss an IP or FQDN)
- Application Control: allow only Webex, drop the others, and drop if traffic isn't matching any application.

Is it a good idea?