Newbie to firewalls so don't shoot me if this is obvious or there is a better way of doing this...
I have a Cisco router which I run ACLs on to block various traffic, particularly a vlan dedicated to virtual servers which I deny most Internet traffic to.
Anyway
So in regards to the TechNet article Configure the Firewall Between the WSUS Server and the Internet
The problem was that the article gives a list of domain names rather than IP addresses which would be useful for a firewall (using domain name translation rules apparently slows down the firewall).
What I tried was to first ping the domain name to get the IP address.
Then put that IP address into the whois-service.com (for some reason the website won't do the domain name to IP translation for the Microsoft addresses.
This gives you the address range of this address is part of, and you can put that into a firewall as part of a permit list.
Is this a reasonable work around?
I have a Cisco router which I run ACLs on to block various traffic, particularly a vlan dedicated to virtual servers which I deny most Internet traffic to.
Anyway
So in regards to the TechNet article Configure the Firewall Between the WSUS Server and the Internet
The problem was that the article gives a list of domain names rather than IP addresses which would be useful for a firewall (using domain name translation rules apparently slows down the firewall).
What I tried was to first ping the domain name to get the IP address.
Then put that IP address into the whois-service.com (for some reason the website won't do the domain name to IP translation for the Microsoft addresses.
This gives you the address range of this address is part of, and you can put that into a firewall as part of a permit list.
Is this a reasonable work around?