Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Wolfgang
Leader
Leader

use of different Autonomous Threat Prevention profiles

Hello Checkmates,

we are evaluating the "Autonomous Threat Prevention" feature.

Is there a way to assign different profiles to different gateways ?

Meaning external gateway with perimeter profile and an internal gateway with internal profile. We did not found a solution to attach a gateway to a specific profile. It seems as if only one profile will be available for all gateways in one policy.

Wolfgang

0 Kudos
3 Replies
Tal_Paz-Fridman
Employee
Employee

Hi

One was to achieve this is by using dedicated Policy Packages.

Define a new Policy Package containing just Threat Prevention, calling it for example ATP-Strict_Security.

You can also add just the relevant Security Gateway to the Install Policy Targets for the specific policy.

Then in Autonomous Threat Prevention select the relevant profile, in this case Strict Security.

When you install this policy, it will only load the Strict Security Profile on the specific Security Gateway "attached" to the Policy Package.

 

 

0 Kudos
Wolfgang
Leader
Leader

Thanks @Tal_Paz-Fridman 

this works but it is no solution for a production environment. Using the same gateway in different policy has to manage overhead to manage. Access policy has to be installed from policy1 and ThreatPrevention policy has to be installed from policy2. Everytime you install policy1 you have to check that you not install ThreatPrevention from policy1 to the one gateway with other Autonomous TP Profile…

I think the best will be that we can define on the gateway which ATP profile is assigned to this gateway. Are there any changes in future releases?

0 Kudos
Tal_Paz-Fridman
Employee
Employee

Hi @Wolfgang 

I agree and I will definitely move this request to the relevant owner in R&D.