Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
smeny
Participant

create inital Firewall Policy / collect Infos to create Firewall Ruleset

Hello all,

I have a question for the community regarding the creation of an initial policy.
In our infrastructure, we deploy firewall clusters fully automatically, but we always have the challenge of creating an initial policy that includes the necessary activations to run the customer's application landscape. The environment is usually completely rebuilt so that some teams (e.g. SAP) are also involved, which then also require special activations for the server communication.

So far, we have used an Excel template in which the project participants have entered their required rules.
We currently use an excel workbook as questionary for collecting all required data for creating the initial firewall policy. This excel workbook is sent to the project participant to collect the necessary information. The excel form contains a sheet for hosts, ports, host groups, port groups ending up in a table for combining all previously defines elements into rules for communication.
We then reworked verify and correct the template collected information and pushed push the objects, groups and rules into the firewall’s policy via script.
The challenge, however, is the actual Excel template, as the colleagues fill the cells and rows differently here, which means that we have a lot of work to do to create the script.
Possible problems we need to correct here are wrong format / syntax, removing duplicates or adding missing data (for example missing IP addresses for host objects).

Do you have any tips, tricks, tools or suggestions on how to make the initial policy creation process smarter?

 

Thanks for your ideas and help

Stefan

1 Reply
G_W_Albrecht
Legend Legend
Legend

What should be done using tips, tricks or tools when the challenge is that colleagues fill the cells and rows differently here ? Better give intermediary templates like paper sheets with needed fields to be filled-in to the colleagues and later do the correct input to the Excel template and verification steps.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events