- Local User Groups
Welcome to CheckMates
Journey to the Cloud with Confidence!
Webinar: Wed 10 June @ 8am PT | 11am ET
I am Gil Shwed
Ask Me Anything!
for working from home
APT41 and Living Off The Land
Is there a method to compare policies on two different SmartCenters? I have the following case:
We have a customer with a R80.20 SmartCenter managing the perimeter firewall cluster. The SmartCenter runs on a Smart-1 appliance. We have migrated the SmartCenter to VM and R80.30 with a advanced migration. We also changed the hostname and IP-address of this new R80.30 SmartCenter.
The R80.30 SmartCenter is managing the new core firewall cluster and now we need to perform a SIC reset on the perimeter firewall cluster so the new SmartCenter is managing the perimeter firewall also.
But this customer is a large hospital so with the current Corona crisis, we cannot change anything on the perimeter firewall. Except a policy offcourse. So when the customer changes something on the perimeter firewall, this change must also be added to the new R80.30 SmartCenter. This has to be done as long the perimeter firewall is not migrated to the new SmartCenter. We do not know how long this will be the case.
To avoid mistaked, we would like to have a procedure to compare the policy of the perimeter firewall on both SmartCenters just before migrating the perimeter firewall. If all changed where added on both SmartCenters, the difference should be zero. But a mistake is easily made so comparing the policies could show those mistakes.
Anyone done this before?