This is the place to discuss DynFi Manager's generic questions.
Moderator: gregober
-
hrx
- Posts: 2
- Joined: 03 Mar 2024, 15:53
Post
by hrx » 22 Nov 2024, 12:33
Hello Gregory,
I am currently in the process of building a PoC for one of our customers. Part of the PoC is to centrally manage the firewall rules. I would like to do this with DFM – and I have currently installed version 24.1.0 in a test setup. As far as I can see, the management of the rules has not yet been implemented, or at least it is not yet usable. Is there any time frame you can give us for when you might release a first functional version of the rule management?
Thank you in advance!
Kind regards,
Hagen
gregober wrote: ↑11 Jun 2024, 12:14
The ability to manage firewall rules and also NAT rules centrally would be a big advantage and would make the Dynfi FW Manager even more interesting for me.
This is our main focus at the time.
We prioritize requests coming from our customers first, so we strongly encourage you to start subscribing to our offer.
-
gregober
- Posts: 270
- Joined: 26 Mar 2019, 15:06
Post
by gregober » 22 Nov 2024, 15:29
Hello Gregory,
I am currently in the process of building a PoC for one of our customers. Part of the PoC is to centrally manage the firewall rules. I would like to do this with DFM – and I have currently installed version 24.1.0 in a test setup. As far as I can see, the management of the rules has not yet been implemented, or at least it is not yet usable. Is there any time frame you can give us for when you might release a first functional version of the rule management?
Thank you in advance!
Kind regards,
Hagen
The way to handle firewall rules at this stage is through the use of
aliases.
Aliases can be used extensively and managed centrally, allowing you to create some custom settings easily replicable on many devices.
We will start working soon on some new features and handling firewall rules is very high on the priority list.
Will certainly be available in 2025.
We are actually finishing LDAP integration.
-
hrx
- Posts: 2
- Joined: 03 Mar 2024, 15:53
Post
by hrx » 22 Nov 2024, 20:24
gregober wrote: ↑22 Nov 2024, 15:29
The way to handle firewall rules at this stage is through the use of
aliases.
Aliases can be used extensively and managed centrally, allowing you to create some custom settings easily replicable on many devices.
We will start working soon on some new features and handling firewall rules is very high on the priority list.
Will certainly be available in 2025.
We are actually finishing LDAP integration.
Hello Gregory,
thank you for the time frame. If I understand you correctly, your input is that the design of the rules from the outset (in which case we could start a new setup) should be set up in such a way that the aspects of source, destination and ports are assigned and controlled by aliases?
Kind regards,
Hagen
-
gregober
- Posts: 270
- Joined: 26 Mar 2019, 15:06
Post
by gregober » 23 Nov 2024, 16:54
hrx wrote: ↑22 Nov 2024, 20:24
gregober wrote: ↑22 Nov 2024 15:29
The way to handle firewall rules at this stage is through the use of aliases.
Aliases can be used extensively and managed centrally, allowing you to create some custom settings easily replicable on many devices.
We will start working soon on some new features and handling firewall rules is very high on the priority list.
Will certainly be available in 2025.
We are actually finishing LDAP integration.
Hello Gregory,
thank you for the time frame. If I understand you correctly, your input is that the design of the rules from the outset (in which case we could start a new setup) should be set up in such a way that the aspects of source, destination and ports are assigned and controlled by aliases?
Kind regards,
Hagen
Yes, absolutely. By doing so, you would be able to leverage the powerful alias update feature, which allows you to synchronize aliases across multiple devices in just a few moments.
It is also a "best practice" to use aliases as much as possible in your firewall rules, It allows better maintainability, better reading, and better long term support of your rule-sets.
Rules editing is going to come soon.
P.S. Do not cross-post on forum - I have relocate this to it's own thread. Thx.