Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Collaborator

Inline layers after migrating from R77.30

Jump to solution

I developed all our Application Control, URL Filtering and IPS policies in R77.30 in mid 2017.  Then in December 2017, I upgraded our entire environment to R80.10.  Now, converting the AP/URL rulebase to inline layers is a bit more tedious with all in production.  That couples with recommendations that we NOT use 'Internet' object and instead use negated private networks for destinations, this can get a little dicey.

Can you think of a strategy to move all the rules to in-line with minimal risk of any outage?

Thank you in advance,

Dan

 

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Employee+
Employee+

You could check out an example of using the APPC/URLF rulebase as a shared inline layer in R80.x Cloud Demo

 

image.png

View solution in original post

5 Replies
Highlighted
Champion
Champion

Dan,

A little while back I had a situation where I needed 1 APCL/URLF policy for both R80 gateways and a set of embedded gateways.

What I did was I went into the Policy of the Embedded with the Application policy and opened the policy editor and set the application layer to shared:

 I then added a layer in the policy I had for the R80 gateways Layers.JPG

I then added a layer in the policy I had for the R80 gateways and added the shared layer to the rule where I needed to add the layer.

In your situation there is only one more step to do, delete the Application policy  from the Access control.

This will NOT delete the layer as that is now shared.

Regards, Maarten
Collaborator

Maarten,

Interesting,  I've read your reply twice and I'll probably read it again.  I really need to setup a lab environment.

Thank you.

0 Kudos
Highlighted
Employee+
Employee+

You could check out an example of using the APPC/URLF rulebase as a shared inline layer in R80.x Cloud Demo

 

image.png

View solution in original post

Highlighted
Collaborator
Thanks Ron, All this time I did not know what was available in demo mode, what a great resource!
0 Kudos
Highlighted
Admin
Admin
I can answer many questions on CheckMates through the use of Demo Mode 🙂