Create a Post
Showing results for 
Search instead for 
Did you mean: 

Define Policy - Best Practices


When we deploy new firewalls there is a Standard Policy created.

Is it a best practice to create rules in the same standard policy or a separate policy should be created ?

If a separate policy is to be created than what is the Standard Policy used for ? 



0 Kudos
2 Replies

In a fresh installation, you need to have some policy package to start with.
Why the name Standard was chosen as the name, not sure.
It goes back to the beginnings of the product.
Whether you use the Standard policy package or create a different one to out your rules in, it's really up to you.
Generally people will create a new one with a more meaningful name.

Hi @LostBoY 

After a "fresh install" the default policy ensures that access to the firewall is restricted:

source      destination     service
any            fw                     443               GAIA WebGUI
any            fw                     22                 SSH
any            fw                     18191           Policy Install / SIC
any            fw                     18192           CPD_amon  (I'm not sure here anymore)
any            fw                     18211           CP_ica_push

More to communication ports here:
R80.x Ports Used for Communication by Various Check Point Modules



0 Kudos