F-Secure Policy Manager 14.00 f- simultaneous changes to multiple firewall profiles at once

StBor
StBor W/ Alumni Posts: 3 Security Scout
in WithSecure Business Suite

A very complex domain tree.

Domains are divided into roles.

There are multiple firewall profiles in each domain,

several separate for single servers.

Profiles were cloned, rules modified, but a lot of common elements.


If and how can I edit profiles, modify and add rules in which there are common elements, for example: ip address, which must be changed everywhere.

what to do in order not to click each one separately, I'm just learning the product.

Answers

  • MonikaL
    MonikaL W/ Alumni Posts: 206 W/ Former Staff

    Hi,

    Default Firewall profiles cannot be edited. If you want to have custom firewall rules in a profile, you need to clone a default profile and edit it.

    1. Log in to the Policy Manager Console 
    2. Select a host or policy domain from the Domain tree 
    3. Go to the Settings tab 
    4. Open the Firewall settings page
    5. Select a default profile from the Profile being edited drop-down list and click Clone
    6. Give the profile a name and click OK

    Once the profile has been cloned and created, you can start editing it. To take the custom firewall profile into use on hosts, follow the "change firewall profile" below.


    Follow these steps to change the firewall profile in use in a policy for F-Secure Client Security or Server Security:

    1. Log in to the Policy Manager Console
    2. Select a host or policy domain from the Domain tree
    3. Go to the Settings tab
    4. Open the Firewall settings page
    5. In the General section, you can select the profile (Client Security and Server Security use separate profiles)
      • For Client Security hosts, select a firewall profile from the Workstation host profile drop-down list
      • For Server Security hosts, select a firewall profile from the Server host profile down-down list
    6. Distribute the policy (Ctrl + D) to take the profile into use on the host(s). 

     

    To create a custom firewall rule over the Policy Manager Console:

    For Client Security 14 and 15:

    Open the Policy Manager Console and go to the Settings-tab

    Go to Firewall, using Standard view (changeable in the upper right corner)

    Make sure the 14.X / 15.x clients-tab is selected

    Select the profile you want to edit from the Profile being edited-dropdown menu (if the list only contains the default profiles, clone the one you want to use as a base as the defaults can't be modified)

    Click Add rule on the right of the firewall rules list and create the rule as needed (see step 6 if the service required is missing)

    If the service you want to add is missing, click on Configure network services below the firewall rule list. Click Add and follow the steps to add a new firewall service

    Check the Enabled-checkbox to the left of the rule name to make sure that it is in use

    Distribute the new policy by clicking the symbol in the upper left corner of the interface, or by pressing Ctrl+D.

  • StBor
    StBor W/ Alumni Posts: 3 Security Scout

    Sorry, I guess I was imprecise.

    I need to edit multiple profiles created for multiple groups and single servers. In the Policy Manager Console I can do it manually by editing each one separately (e.g. modifying the IP address in a rule).

    Is it possible to change, for example, the IP address in several profiles at the same time?

  • StBor
    StBor W/ Alumni Posts: 3 Security Scout

    script? powershell? json? other?

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 508 Moderator

    Hi StBor

    We do not have options to modify several rules at once.

This discussion has been closed.

Categories