This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Add members locally to a host group which was added by SUM

Hi everyone,

 

I am using SUM for a long time for about 20 UTMs at different customers and my goal is the following: I want to add a new firewall rule where the source is a host group, that is filled at the UTM itself, not by SUM.

Why would I do that? The source should contain the domain controllers of the different customer and I don't want, that the IP of every other customer DCs could be seen by my customers admins.

So I just want to add the rule through SUM, but fill the source (group) at the local UTM. When I do that, the host group is greyed out at the local UTM and I am not able to fill the group with members.

How could I archive that?

 

Thank you and best regards,

Johnny



This thread was automatically locked due to age.
Parents
  • Hallo Johnny and welcome to the UTM Community!

    It's been a long time since I used sum, so the behavior might have changed.  I would put a "placeholder" Host in the Group and then change the placeholder to the correct Hosts in the client's UTM.  That should disconnect the Group in the client's UTM from the definition in the SUM.  Hat's geklappt?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi ,

     

    unfortunately not, everything that comes from SUM is read only:

    This rule will have many services and it would be a great relief if I won't have to add this at each UTM manually...

    So I am searching for a way to deploy rules via SUM that are editable at the local SUM.

     

    Best regards,

    Johnny

  • In this case I use a local group where I add the SUM group and local enhancements

Reply Children
  • , that means you distribute only the definitions for the services and a definition group and the destination hosts / group to the UTMs? And then you create the rule per UTM by yourself? Okay, that would be a compromise solution.

     

    If not, I don't get it what the Benefit is from adding the SUM group to a local Group, because at the SUM rule is only the SUM group added and there is no way to edit this locally. And I found no way to tell the SUM rule to use an existing local UTM group.