How to create a f.W Rule let SLES could update patch?

Hi All
I have some SLES Server need perform online update, but a question, base on security policy, I could not let these server direct access internet.
I need create a firewall policy to limit SLES only access server which are indeed need when I perform register customer center and online update.

Whether I just open SLES Server connect by HTTPS or not ?



Hi wencheng,

Whether I just open SLES Server connect by HTTPS or not ?

these update servers are obviously hosted at Akamai, there’s no way to predict when the actual IPs of the server(s) might change (and most likely there are multiple servers to cover the various regions):

[QUOTE]Non-authoritative answer: canonical name = canonical name =

Your question seems to target packet filter rules. May I suggest a different firewalling approach? How about setting up a Squid proxy that is permitted to do http/https to the Internet, but enforces a rule that only requests to may be served?

Of course the details of your firewalling depend on the overall structure of your network setup (is the server in question directly connected to the Internet? Can you route traffic from that server through other systems?) and security requirements.