AnsweredAssumed Answered

Create and maintain Shared IPS Layer with R80.X gateways ?

Question asked by Vladimir Yakovlev on Jul 13, 2018
Latest reply on Jul 17, 2018 by Vladimir Yakovlev

Like • Show 0 Likes0
Comment • 10

I have a customer who's sole reason to stick with the MDS is the ability to have common IPS policy across multiple gateways that have individual Access Control, URLF and App Control policies.

Is there a way to have common IPS or threat prevention policy (with obvious caveats that MTAs will be excluded) in SMS?

Since we have the ability to create custom profiles containing rules that could be selectively installed on particular gateways or clusters, this feature seem to be a very logical one to have.

Thank you,

Vladimir

No one else has this question

Outcomes

10 Replies

Valeri Loukine Jul 14, 2018 10:53 AM
Mark Correct
Correct Answer
MDS allows applying the same global IPS policy to multiple GWs belonging to different security domains. There is no problem assigning the same Threat Prevention profile to multiple GWs under the same management.
Like • Show 0 Likes0
Actions
- Vladimir Yakovlev @ Valeri Loukine on Jul 15, 2018 5:49 AM
  Mark Correct
  Correct Answer
  Valeri,
  
  Let me clarify what I am trying to achieve:
  Using SMS with different policy packages, where each policy package is applied to a number of gateways or clusters, I would like to use common IPS or TP policy across all of them.
  Yes, we can use common profile for multiple policy packages, but this will necessitate multiple installations of the TP policies, one for each policy package.
  The idea is to have same capability in regards to TP/IPS in SMS as presently exists in MDS only: single policy that could be installed to multiple targets irrespective to their policy package membership.
  
  Regards,
  Vladimir
  Like • Show 1 Like1
  Actions
  - Tomer Sole @ Vladimir Yakovlev on Jul 15, 2018 7:05 AM
    Mark Correct
    Correct Answer
    Hi Vladimir, this is available starting with R80.20.M1 - you can share a Threat Prevention Layer across multiple policies, both in Multi-Domain and Security Management Servers. Raz Shlomo
    (colors are different because it's taken off the more advanced R80.20 EA, but you can do that with R80.20.M1)
    
    2 people found this helpful
    Like • Show 1 Like1
    Actions
    - Vladimir Yakovlev @ Tomer Sole on Jul 15, 2018 7:10 AM
      Mark Correct
      Correct Answer
      Thank you Tomer!
      This is exactly what I had in mind.
      Like • Show 0 Likes0
      Actions
    - Vladimir Yakovlev @ Tomer Sole on Jul 15, 2018 7:26 AM
      Mark Correct
      Correct Answer
      Tomer, can you clarify if this common IPS/TP layer could be installed on all targets in all policies simultaneously, or is the installation still limited to a single group of gateways/clusters managed by the parent Access Control policy?
      Like • Show 0 Likes0
      Actions
      - Tomer Sole @ Vladimir Yakovlev on Jul 15, 2018 8:39 AM
        Mark Correct
        Correct Answer
        You still have to select the policy + the gateways at the policy installation dialog. If the policy is not the same across your gateway group, then this means picking a different policy package at every time. The term is a Policy Package which includes Access Control + Threat Prevention.
        BUT we're simplifying that soon as well TechTalk: R80.20 Demo
        Like • Show 1 Like1
        Actions
        Vladimir Yakovlev @ Tomer Sole on Jul 16, 2018 8:09 AM
        Mark Correct
        Correct Answer
        Any clue as to ETA?
        Like • Show 0 Likes0
        Actions
        Tomer Sole @ Vladimir Yakovlev on Jul 16, 2018 10:29 AM
        Mark Correct
        Correct Answer
        Of the TechTalk? Sure - this Wednesday J
        I want to present the feature and then if you think that this can help simplifying this scenario then we can talk about ETAs / how to enable it from the public EA.
        1 person found this helpful
        Like • Show 1 Like1
        Actions
  - Valeri Loukine @ Vladimir Yakovlev on Jul 17, 2018 5:42 AM
    Mark Correct
    Correct Answer
    Okay, it is clear now. I see Tomer is already providing you with the info you need. Please do join our webinar tomorrow, you will hear about this and other interesting features coming up with the new management release update.
    Like • Show 0 Likes0
    Actions
    - Vladimir Yakovlev @ Valeri Loukine on Jul 17, 2018 6:56 AM
      Mark Correct
      Correct Answer
      Thank you Valeri, I'll be on it tomorrow.
      Like • Show 0 Likes0
      Actions

Create and maintain Shared IPS Layer with R80.X gateways ?

Outcomes

Related Content

Recommended Content