I want to restrict Internet access on Servers to only essential outbound connections.
So for Windows updates etc, I would allow:
microsoft.com
windowsupdate.com
windows.com
Or I suppose I could be more specific and allow windowsupdate.microsoft.com instead of microsoft.com, which is probably better to protect against teams malware!
I can see in the logs, what I need to allow for updates for Anti Virus and the services running on the server that require internet connection. This particular server is running a mail server. I have got all the ports sorted out - I am just sorting out outgoing ports 80/443 from the server to the Internet for things like updates, certificate checks.
However, I see a number of connections that I am not sure whether it should be allowed/blocked.
bing.com - the host server has no browser. So I presume bing.com...
