Policy verification fails with Data Center objects
We noticed a strange issue with policy verification (R80.40). The policy is heavily AWS dependent; more than 50% of all rules are using AWS security groups either as a source or a destination. Here is an example of some of the rules:
Rule# | Source | Destination | Service | Action |
---|---|---|---|---|
100 | 10.0.0.0/8 | sg-aaa, sg-bbb | Any | Accept |
... | | | | |
200 | 10.0.0.0/8 | sg-ccc | Any | Accept |
... | | | | |
300 | 10.0.0.0/8 | sg-ddd, sg-eee | Any | Drop |
Verifier complains that rules 100 and 200 conflict with rule 300. Security groups are different, and they are not empty.
Strangely, policy installation succeeds. Furthermore, running policy verification after installation succeeds as well.
Any ideas why this is happening and how to avoid it? Thanks.