Hi,
I would like to know which of the following scenarios would be better for Checkpoint firewall to process its rules.
Scenario 1 - this has 4 combinations of flows but only two are used. This has only 1 rule defined.
Rule  From      To        Port
1     10.1.1.1  20.2.2.2  TCP-555
      20.2.2.2  10.1.1.1
Scenario 2 - this allows two specific flows but has two rules defined.
Rule  From      To        Port
1     10.1.1.1  20.2.2.2  TCP-555
2     20.2.2.2  10.1.1.1  TCP-555
Which one would be better for Checkpoint to process? This is just a small-scale example. Our firewalls have a couple of hundred rules, and also a large number of objects/groups, so I would like to adopt a practice that has the least impact on the FW performance.
Thanks
James