
[CM] Group Configuration inheritance

Hi all,

There is a new feature in CM which I would like to show you.

You can create a Group which has all the configuration supported right now.

https://community.sophos.com/products/xg-firewall/sfos-eap/central-management-eap/b/blog/posts/welcome-to-the-firewall-group-management-early-access-program

https://community.sophos.com/products/xg-firewall/b/blog/posts/new-sophos-central-management-and-reporting-for-xg-firewall

So you can configure something for a Group, and this will be pushed to all firewalls attached to this Group.

Now about the "new feature".

You can create a Sub Group (let's call it a child group). The child will get its own configuration in CM and can configure its own stuff, but it inherits all configuration from the parent group. You can create Sub Sub Groups, if you want, which also inherit configuration.

Having a Group SD-WAN, a Group HQ and a Group BO will allow you to specify configuration in the SD-WAN group, which will be available to HQ and BO.

Let's go through some of the many use cases:

You can specify in the SD-WAN Group that ATP is to be enabled on all firewalls in your company. Then you specify the firewalls specific to your branch offices and headquarters. Because the ATP configuration is inherited from SD-WAN, you have to configure it only once, and it gets updated on all firewalls if you change something.

Going to the HQ Policy, you cannot modify it, because it came from the parent:

You can configure firewall policies, which will be inherited by the child groups. Those firewall rules will be pushed to all firewalls and you do not have to configure them again on each group.

You can specify IP Hosts used by the company, which you do not have to configure on each group; instead you would have one group as parent.

Did you test this feature? Just wondering.


