Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2246 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Restoring a firewall configuration

Joe

Hi,

Is there any way of restoring a firewall configuration on a local PC that has been overwritten by the transfer of a configuration from Enterprise Console?

Thanks,

Joe

:159


This thread was automatically locked due to age.
Parents
  • 0

    While 2.0 brought a number of improvements - one of them the facility to configure firewall policies using the event viewer - some issues are still open in different areas. I will mention some of them here in a single post.

    • Checksums: it is recommended to use automatic software updates whenever possible. Being pedantic I say, using checksums precludes automatic updates. Even if I you have 7x24 SCF administration and can update the configuration within minutes there's still the problem of "outside" clients - unless you have a message relay in the DMZ.
    • Leads to the second point: Interactive mode. As Joe has found out (no malice intended) a modified policy on the client is expeditiously overwritten when a policy is changed in SEC - reverting the changes made by the user. Since you might want to use interactive mode for (at least part of) your IT staff you should never ever touch the policy assigned to them. The drawback is that they'd have to configure "global" changes manually (importing new configur ation items in merge mode).
    • Consolidating rules: it doesn't take long to end up with a plethora of rules in different parts of the configuration (and if you are not disciplined the y are conveniently named Learning Rule #nn).  

    No suggestions made at this point - I just trying to instigate some discussion

    Christian

    :181
Reply
  • 0

    While 2.0 brought a number of improvements - one of them the facility to configure firewall policies using the event viewer - some issues are still open in different areas. I will mention some of them here in a single post.

    • Checksums: it is recommended to use automatic software updates whenever possible. Being pedantic I say, using checksums precludes automatic updates. Even if I you have 7x24 SCF administration and can update the configuration within minutes there's still the problem of "outside" clients - unless you have a message relay in the DMZ.
    • Leads to the second point: Interactive mode. As Joe has found out (no malice intended) a modified policy on the client is expeditiously overwritten when a policy is changed in SEC - reverting the changes made by the user. Since you might want to use interactive mode for (at least part of) your IT staff you should never ever touch the policy assigned to them. The drawback is that they'd have to configure "global" changes manually (importing new configur ation items in merge mode).
    • Consolidating rules: it doesn't take long to end up with a plethora of rules in different parts of the configuration (and if you are not disciplined the y are conveniently named Learning Rule #nn).  

    No suggestions made at this point - I just trying to instigate some discussion

    Christian

    :181
Children
No Data
Unfiltered HTML