Internal Outbound
Okay, this is where we give everyone on the internal network unrestricted
access to the Internet. This setup is not secure. You want to
allow only what is absolutely required for outbound access (such as limiting
outbound traffic to http and DNS queries only). If possible, also proxy all
outbound traffic. I used this unrestricted rule on purpose to demonstrate a point.
Some sites use this unrestricted "Internal Outbound" rule without realizing
the problems they are causing. With a rule like this, rulebase ordering becomes
absolutely critical. As you follow along and see how the additional rules are
added, you will better understand the importance of rulebase ordering. If
management allows you to limit what is allowed outbound, do it; it is far more
secure. If you can't, see how a rule like this causes problems, requiring
critical rulebase ordering.
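
The ordering problem can be seen in a small model. This is an added example, not
part of the original rulebase: it assumes first-match evaluation, and the
addresses and the "Protected Segment" drop rule are constructed for illustration.

```python
# Added example: a model of a first-match rulebase (assumption: evaluation
# stops at the first matching rule). All addresses and the "Protected Segment"
# rule are constructed for illustration.
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("192.168.1.0/24")    # constructed internal network
PROTECTED = ip_network("10.10.10.0/24")    # hypothetical segment to shield
ANY = ip_network("0.0.0.0/0")

def rule(name, src, dst, ports, action):
    # ports=None means "any service"
    return {"name": name, "src": src, "dst": dst, "ports": ports, "action": action}

def decide(rulebase, src, dst, port):
    """Return (action, rule name) for the first rule that matches the packet."""
    for r in rulebase:
        if (ip_address(src) in r["src"] and ip_address(dst) in r["dst"]
                and (r["ports"] is None or port in r["ports"])):
            return r["action"], r["name"]
    return "drop", "implicit drop"

def order_sensitive_pairs(rulebase):
    """Pairs of rules that overlap but disagree, so swapping them changes policy."""
    pairs = []
    for i, a in enumerate(rulebase):
        for b in rulebase[i + 1:]:
            ports_overlap = (a["ports"] is None or b["ports"] is None
                             or bool(a["ports"] & b["ports"]))
            if (a["action"] != b["action"] and ports_overlap
                    and a["src"].overlaps(b["src"]) and a["dst"].overlaps(b["dst"])):
                pairs.append((a["name"], b["name"]))
    return pairs

unrestricted = rule("Internal Outbound", INTERNAL, ANY, None, "accept")
limited = rule("Internal Outbound (http, DNS)", INTERNAL, ANY, {80, 53}, "accept")
protect = rule("Protected Segment", ANY, PROTECTED, None, "drop")

PACKET = ("192.168.1.20", "10.10.10.5", 22)   # internal host, ssh to the segment

if __name__ == "__main__":
    for label, rb in [("unrestricted first", [unrestricted, protect]),
                      ("drop rule first", [protect, unrestricted]),
                      ("limited outbound first", [limited, protect])]:
        print(label, decide(rb, *PACKET), order_sensitive_pairs(rb))
```

With the unrestricted rule first, the later drop rule never sees the packet. With
the outbound rule limited to http and DNS, the same packet reaches the drop rule,
and only those two services still depend on ordering.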