This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
stallwoodj
Participant
‎2019-07-15 08:13 AM

Endpoint client policy updates

Hi,

 

I have a customer who has a central NPM/EPM server (R77.30) to manage their firewall and endpoint estate. They have an additional Endpoint Security Policy Server which faces the internet for clients in the field, and this works okay.

I was wondering if by putting a reverse proxy (e.g. NGINX) in front of the private EPM, we could in R80 replace the functionality of the current policy server, to save on support costs?

 

Thanks

Jamie

 

0 Kudos
Reply
1 Reply
PhoneBoy
Admin
Admin
‎2019-08-05 12:13 PM

I've never heard of anyone doing this before.
I suppose it's no different than just opening up the Endpoint Server from the Internet.
That said, the NAT rules would be normally be configured in the policy, and thus the client and server would be aware of it.
They wouldn't necessarily be in this reverse proxy case, and that could be problematic.

In any case, the Policy Server is the canonical supported way to do it.
Reply