What is the point of the Cloud Services Appliance firewall?
If I want the CSA to manage any internet device my users may have, then I pretty much have to enable every public range. I don't see why it comes preconfigured with specific IPs listed in the allow and blocked list.
Is there some kind of best practices doc on this?
Should I just disable the firewall to get rid of the overhead on the appliance?
Many organizations disable it as it will be in the DMZ typically in between two more robust firewalls anyway. It can also cause issues by blocking legitimate IP traffic. However, I am not necessarily recommending turning it off, especially if it is not in a DMZ for some reason.
Here is one resource you can use with specific setups including in a DMZ.