I'm deploying CloudGuard as a southbound cluster in Azure.
I would like to make heavy use of Tags for my rules to do as little rule administration as possible. A limitation to this is that only 15 tags per VM is supported in Azure.
Tags is construtcted of a ”Name” and a ”Value”. My plan was to create some tags like this and create rules accordingly. “InternetAccess=WindowsUpdate”, “InternetAccess=GibHub” and so one. In this manner I would hit the limit of 15 tags preatyt quick.
As the “Value” part of the tag is a string it would be possible to create tags like this one: “InternetAccess=WindowsUpdate,GitHub”.
My question is: Is it possible to create two rules, one where source is tag “InternetAccess=WindowsUpdate” and a second rule where source is “InternetAccess=GitHub” but the VM’s is taged with “InternetAccess=WindowsUpdate,GitHub”?
This way I can create rules with specific values and tags with multiple values that would match a single rule based on a part of a value in with multiple values.
I have 2 scenario of tag usage, 1st as Ole one and one different.
Is there any new regarding Ole's request?
The 2nd scenario is to use multiple tag (source or destination) in a one rule with an AND operand.
This will allow to combine the tags and match the rule. We'd like to avoid multiple rules instead of one rule.