I am trying to build a firewall disconnected policy for my endpoint users.
This means that I explicitly need to open ports on the endpoint firewall policy for programs and applications used outside of the network perimeter. The issue here is that the common ports and applications that Check Point has in the Endpoint firewall Policy is minimal and not updated.
Let's take the following use case:
Miracast/Airplay/Lightcast are very common protocols to allow casting the computer screen via Wifi.
It uses different ports and IP's that needed to be allowed in the endpoint firewall policy. In order to allow it, I have to allow all the ports used by each protocol and to add a rule for it by the endpoint policy.
I am trying to think of other use cases and common applications and windows services that require to open ports on the endpoint firewall policy except for the common ports that Check Point suggests. So far I have encountered some applications and programs that use non-standard ports and unfortunately, the list is growing. Every day I find a different application, service or program that uses non-standard ports and requires me to create exceptions and new firewall endpoint policies. This has become a management overhead. I am looking for a better solution which requires me not to open ports every time a user wants to use an application outside of the corporate network.
How do you do it with your endpoint firewall policy?