I'm deploying CloudGuard as a southbound cluster in Azure.
I would like to make heavy use of Tags for my rules to do as little rule administration as possible. A limitation to this is that only 15 tags per VM is supported in Azure.
Tags is construtcted of a ”Name” and a ”Value”. My plan was to create some tags like this and create rules accordingly. “InternetAccess=WindowsUpdate”, “InternetAccess=GibHub” and so one. In this manner I would hit the limit of 15 tags preatyt quick.
As the “Value” part of the tag is a string it would be possible to create tags like this one: “InternetAccess=WindowsUpdate,GitHub”.
My question is: Is it possible to create two rules, one where source is tag “InternetAccess=WindowsUpdate” and a second rule where source is “InternetAccess=GitHub” but the VM’s is taged with “InternetAccess=WindowsUpdate,GitHub”?
This way I can create rules with specific values and tags with multiple values that would match a single rule based on a part of a value in with multiple values.