What are some policies that you guys usually use on your devices that you are amazed no one ever talks about it?

I’m learning all the features as I go and I’m finding this policy section very interesting!
I’m just wondering what are some policies you guys use all the time that you can share just so that I have a feeling of how much can I improve the performance and network of my customer devices!
Thanks! :slight_smile:

policy condition ipv6-block ipv6
policy action a-block
policy rule ipv6-block condition ipv6-block action a-block
qos apply
Joke by side, what policies exactly you mean? What you ALWAYS should use, is the “policy port group UserPorts”, to secure your edge.

Hi BennyD
I do indeed use UserPorts (to shut on dhcp and bpdu and to filter on dns), but I was just wondering what are some overall policies that are considered good practice to have on the ALE switches

In MyPortal we got that Guide “Security Best Practices in AOS v1.8”. This guide gives some good examples for security ACL´s/Features against common network attacks. Otherwise I personally don´t use any global ACL´s to drop traffic, except the one with IPv6 - if the customer does not require it.

Many thanks!
I’m using this more as a study guide than anything else really… I’m still fairly new to ALE networking equipment and I’m still learning as I go!