topic Re: Will (Smart)Workflow come back? in Firewall and Security Management

Will (Smart)Workflow come back?

Vincent_Bacher — Tue, 12 Jun 2018 11:24:22 GMT

Hello together,

i am wondering if there are any news, if and when (Smart)Workflow will come back.

Does anybody have news about that?

Best regards

Vincent

Re: Will (Smart)Workflow come back?

Tomer_Sole — Tue, 12 Jun 2018 11:53:18 GMT

Hi,

The plan is to incorporate the feature set of SmartWorkflow without calling it "an extra blade".

The R80.10 security management platform it built for team work and change management. The session name and description appear in the audit logs (and you can mark them as mandatory for users to fill in). When installing a policy, you get the list of changes that will be installed. As you make changes, the Session pane on the right-side shows you which changes were made. And with SmartView you can make audit overview reports and charts for change management. Every publish operation creates a revision automatically, allowing you to log-in to that old revision with read-only permissions, or install that previous revision on your gateway if something goes wrong.

The new Permission Profiles let you segregate the install policy permission from the rest of the permissions, and create a new working model in which the person that makes the management changes is not allowed to deploy them. Session Take-Over lets you approve, discard or change pending changes on behalf of your teammates (if you have the permission for it).

All of the following can help you make effective change management and approval cycle. Even though R80.10 does not yet have an "approve changes" button, you might be able to utilize these features above for this purpose.

The next step with change approval is to automate approval or denial of certain changes, if they don't meet your criterias. Management API commands such as show-changes and show-sessions can help you automate the approval cycle. With SmartEvent you can create an Automatic Reaction whenever someone publishes changes or installs a policy and send it over email or run a custom script. Compliance Blade shows you a dashboard of misconfigurations and security alerts in case your administrators do not follow some of the best practices. And we are interested to know what automated checks you guys have - so that we can extend the platform to allow you to run those checks automatically in our next releases.

Re: Will (Smart)Workflow come back?

Vincent_Bacher — Tue, 12 Jun 2018 12:11:31 GMT

Hi Tomer,

thank you for info and suggestions

Cheers

Vincent

Re: Will (Smart)Workflow come back?

Danny — Tue, 12 Jun 2018 13:43:42 GMT

This is so important it should be announced more publicly.

Re: Will (Smart)Workflow come back?

S_E_ — Mon, 18 Jun 2018 12:51:33 GMT

...When installing a policy, you get the list of changes that will be installed. As you make changes, the Session pane on the right-side shows you which changes were made....

You get the list but it is definitely not helpful like the graphical output of the SmartWorkFlow. It is simply not 'readable/visible if it is more than 1 object change.

And with SmartView you can make audit overview reports and charts for change management. Every publish operation creates a revision automatically, allowing you to log-in to that old revision with read-only permissions, or install that previous revision on your gateway if something goes wrong.

After someone published it. If there is a misconfiguration done by other admin, it is already to late.

All of the following can help you make effective change management and approval cycle. Even though R80.10 does not yet have an "approve changes" button, you might be able to utilize these features above for this purpose.

Yes, but is is still a step back if you are using SmartWorkflow for approval/4-eye principal changes.

The next step with change approval is to automate approval or denial of certain changes, if they don't meet your criterias. Management API commands such as show-changes and show-sessions can help you automate the approval cycle.

Are the plans to migrate it back to SmartConsole?

Or do you recommend only API and third party tools?

Regards

5 of 5 people found this helpful

Re: Will (Smart)Workflow come back?

Tomer_Sole — Mon, 18 Jun 2018 16:59:37 GMT

Hi,

SmartWorkflow reports worked post-save. Audit overviews work post-publish. We are aware that both of those would be more useful doing pre-publish and we plan to do that in our next releases.

As well as a simple approval cycle.

Re: Will (Smart)Workflow come back?

Emre_Can_Lekesi — Thu, 27 Sep 2018 10:29:59 GMT

So is it coming back with r8x or not? Just a simple yes or no is much obliged thanks.

Re: Will (Smart)Workflow come back?

Tomer_Sole — Thu, 27 Sep 2018 11:49:58 GMT

It is 80% there.

15% will make its way to our next releases.

The remaining 5% are the fact that it has a distinguished name, the extra cost, and enabling it on the object editor and those will not come back.

If your upgrade to R80.10 fails due to "your SmartWorkflow blade is enabled", please read my response above about Change Management features for R80.10 and make a decision whether simply turning off this "extra blade" and using the Change Management features that exist in R80.10 are sufficient.

Re: Will (Smart)Workflow come back?

Luis_Miguel_Mig — Tue, 05 Mar 2019 15:44:33 GMT

As far as I know, you get the Smartflow reports before the changes have been pushed to the gateway.

Re: Will (Smart)Workflow come back?

Luis_Miguel_Mig — Tue, 05 Mar 2019 15:46:31 GMT

Can you set expectations on when the remaining features will be available in R80.20?

Re: Will (Smart)Workflow come back?

S_E_ — Wed, 13 Mar 2019 12:29:13 GMT

@Luis_Miguel_Mig wrote:
Can you set expectations on when the remaining features will be available in R80.20?

Hm,

even in R80.30 EA there is no SmartWorkflow mentioned.

No graphical report, no 4-eye approval stuff.

So, still stuck in R77.30 until this feature is available.

Regards

Re: Will (Smart)Workflow come back?

Johnny_Wong — Tue, 19 Mar 2019 14:49:11 GMT

Agree with Nickel, can we simply to ask a question do we going to support SmartWorkflow features to R80.x? The R77.30 going to EOL......

Re: Will (Smart)Workflow come back?

Ron_Izraeli — Tue, 19 Mar 2019 15:23:14 GMT

Changes Report (which was presented at the CPX 2019) will be released this year and will be supported in the upcoming R80.30 SmartConsole.

Re: Will (Smart)Workflow come back?

Johnny_Wong — Tue, 02 Apr 2019 14:23:12 GMT

Thanks.

Re: Will (Smart)Workflow come back?

GlennF — Mon, 13 May 2019 16:03:41 GMT

The Change Summary report is going to be built in to R80.30 SmartEvent, or is there something that needs to be added?

SmartWorkflow : where can I find the sessions stored? I think this sessions is not deleted and filli

Cristobal_Johns — Mon, 15 Jul 2019 20:10:47 GMT

I think these sessions is not deleted and they are filling my hard drive

Re: Will (Smart)Workflow come back?

Mahipal_Singh — Wed, 14 Aug 2019 09:16:17 GMT

if we enable session pane from admin does that enabled for all the users or it is per user setting. if it is per user setting then user can disable it anytime. Can we control the publishing right for user same a policy install rights?

Re: Will (Smart)Workflow come back?

Tal_Paz-Fridman — Wed, 14 Aug 2019 09:24:33 GMT

It will be added as an Extension into SmartConsole (and not related to SmartEvent)

Re: Will (Smart)Workflow come back?

Nurit_Gr — Wed, 14 Aug 2019 10:39:53 GMT

If you are referring to the new solution, then no - the enforcement will be central. Meaning that once the feature is installed / enabled, no user will be able to publish his session without going through the change management flow.

Re: Will (Smart)Workflow come back?

Mahipal_Singh — Wed, 14 Aug 2019 18:42:27 GMT

Can you explain in detail.