first commit

2025-02-08 21:56:24 +01:00
commit 1f9564ca6a
471 changed files with 74368 additions and 0 deletions
--- a/projects/firewall-migrations/sophos-central-template/files/Screenshot
+++ b/projects/firewall-migrations/sophos-central-template/files/Screenshot
--- a/projects/firewall-migrations/sophos-central-template/files/Screenshot
+++ b/projects/firewall-migrations/sophos-central-template/files/Screenshot
--- a/projects/firewall-migrations/sophos-central-template/old/Notes.md
+++ b/projects/firewall-migrations/sophos-central-template/old/Notes.md
@@ -0,0 +1,15 @@
+Capture here all settings which I done in the template
+
+**Serial Number:  C1A1046KXFXKT60**
+
+## Administration
+
+### Device Access
+
+Local service ACL: Close all on WAN Interface except "SSL VPN"
+Local service ACL exception rule: Add "sbx_office". Source Network Host: 213.160.17.158; Services: https, ssh; Action: Allow
+
+### Admin and user settings
+
+### Time
+Custom ntp server: <de.pool.ntp.org> 
--- a/projects/firewall-migrations/sophos-central-template/old/template-std-structure.md
+++ b/projects/firewall-migrations/sophos-central-template/old/template-std-structure.md
@@ -0,0 +1,23 @@
+
+## Templates
+
+### MAIN TEMPLATE
+
+**This template is ALWAYS linked to all customer firewalls and corresponding changes should be done in the template**
+_Such a template enforces implicitly a standard configuration which is the same for every fw. _
+
+- Include configs which hold for ALL customers 
+- These include the following settings:
+	- Hosts and Services
+	- Administration
+	- Web
+
+### New Installations TEMPLATE
+
+- **This template is only used once when configuring a firewall initially**
+- could differ for different customers
+
+### Special TEMPLATES
+
+1. VLANs related settings
+2. intrinsic commercial sophos security features
--- a/projects/firewall-migrations/sophos-central-template/std-fw-networks.md
+++ b/projects/firewall-migrations/sophos-central-template/std-fw-networks.md
@@ -0,0 +1,14 @@
+
+## Private
+
+- 192.168.xx.0/24
+
+## VPN
+
+- 10.81.0.0/24
+
+### Rule
+
+
+
+
--- a/projects/firewall-migrations/sophos-central-template/std-fw-services.md
+++ b/projects/firewall-migrations/sophos-central-template/std-fw-services.md
@@ -0,0 +1,13 @@
+
+## ActiveDirectory
+
+- LDAP: 389 (TCP & UDP)
+- LDAPS: 636 (TCP)
+- Global Catalog: 3268, 3269 (TCP)
+- Kerberos: 88 (TCP & UDP)
+- Kerberos-Kennwortänderung: 464 (TCP & UPD)
+- DNS: 53 (TCP & UDP)
+- RPC: 135 (TCP) + Dynamische Ports (49152–65535 (TCP))
+- SMB: 445 (TCP)
+- NTP: 123 (TCP & UDP)
+- RAW: 9100 (TCP)
--- a/projects/firewall-migrations/sophos-central-template/std-sbx-mac.md
+++ b/projects/firewall-migrations/sophos-central-template/std-sbx-mac.md
@@ -0,0 +1,8 @@
+## TODO
+
+- Alle Mitarbeiter muessen ihre MAC Addresse im Sophos Template hinterlegen.
+
+## Mac Addresses
+
+- Sebastian: WLAN: 50-76-AF-35-0D-6D, LAN: E8-6A-64-73-94-35
+- Petar: WLAN: 04-7B-CB-CA-CA-1A, LAN: FC-5C-EE-22-5E-B2