cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
alexc88
Iron

commit simultaneously on various policy packages

Jump to solution

Hi, is there a way to deploy the changes you do on an object simultaneously on all policy package where the object is involved? Every time I need to modify an object that's involved in about 30 policy packages I have to open the single policy package and install, it would be glad to push in one single command or single operation this kind of change.

Thanks for your help

1 Solution

Accepted Solutions

Re: commit simultaneously on various policy packages

Jump to solution

For R77.30 you could write a shell script for execution from the CLI on your SMS, and run it whenever you have made an object change in the SmartConsole (and done a Save) that you want to propagate to all gateways.  Note that gateway and policy names are case-sensitive...

#!/bin/bash

fwm load Policy_1_Name Gateway1_Name

fwm load Policy_2_Name Gateway2_Name

etc...

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
9 Replies

Re: commit simultaneously on various policy packages

Jump to solution
That's interesting, I'm really curious as well.
0 Kudos
Employee++
Employee++

Re: commit simultaneously on various policy packages

Jump to solution

You can use Layers (Ordered or Inline). If the Layer is part of the Policy Package, any change you preform on it will be applied across all Policy Packages.

Please refer to Security Management R80.30 Administration Guide > Creating an Access Control Policy > Ordered Layers and Inline Layers

0 Kudos
alexc88
Iron

Re: commit simultaneously on various policy packages

Jump to solution

But layers are available only on 80.10? Because we have 77.30

Re: commit simultaneously on various policy packages

Jump to solution

In R80.20+ MDS/Provider-1 you can automate and/or schedule mass installation of policies using the "Policy Presets" feature.

 

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos

Re: commit simultaneously on various policy packages

Jump to solution
And on top of that you can also install policies directly from the MDS view, right click on the domain and select install policy.
Regards, Maarten
alexc88
Iron

Re: commit simultaneously on various policy packages

Jump to solution

but is a solution also for R77.30?

0 Kudos

Re: commit simultaneously on various policy packages

Jump to solution
Nope, As @Timothy_Hall said only R80.20+
Regards, Maarten
0 Kudos

Re: commit simultaneously on various policy packages

Jump to solution

For R77.30 you could write a shell script for execution from the CLI on your SMS, and run it whenever you have made an object change in the SmartConsole (and done a Save) that you want to propagate to all gateways.  Note that gateway and policy names are case-sensitive...

#!/bin/bash

fwm load Policy_1_Name Gateway1_Name

fwm load Policy_2_Name Gateway2_Name

etc...

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
Admin
Admin

Re: commit simultaneously on various policy packages

Jump to solution
You pretty much have to do the same thing in R80.x as well, even if you use Policy Layers (though the exact command is different).
0 Kudos