[masraum]

I have a question for you who do security stuff.

Normal setup inside corp intranet and outside is the internet. Do you have traffic from the inside to the outside wide open, or do you have a few permit statements and then everything else gets denied?

I understand that it's more secure to say "permit from the internal networks to the internet on port 80 and 443" and then let everything else be denied (greatly over simplified, of course, you'd have to permit more than 80 and 443).

Do any of you restrict outbound access like that, only allowing a few (relatively) ports/protocols from the inside to the outside or do you basically have a "permit ip any any" from the inside to the outside?

I would assume that only the most security conscious places, military, govt, financial, etc..., would resort to limiting outbound access to that level, but I'm curious what you guys do/have seen.

Thanks