Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1253 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Group Management how it works?

Ste

Dear Community,

can you please explain how Firewall Group Management https://news.sophos.com/en-us/2019/10/24/firewall-group-management-just-got-easier/ works?

The post say: This feature allows you to synchronize policy, objects and other settings across a group of firewalls for consistency. Make a change once, and have it automatically apply to all firewalls in the group.

Is this meaning that firewall in the same group will have the same configuration? 

What are the "other settings" metioned?

What appen if I join two existing XG V18 with own configuratoin on the same group ?

Thank you



This thread was automatically locked due to age.
Parents
  • 0

    Central will push objects, which uses the same name. For example you have a Firewall Rule configured called "LAN to WAN" in Central. This will be pushed to the XG. If XG already has a Rule with this specific name, it will be overwritten. 

    You can create a new Group (template) and import the existing configuration of one of your Firewalls. Then push this Configuration to another firewall, by adding this firewall to this group. 

    Settings, which are "switches" like "ATP ON / OFF", will be overwritten. Exceptions will be added. 

  • 0 in reply to LuCar Toni

    And what about the local changes?

    When you do a local change on a joined group firewall what appen on the other joined firewall?

  • 0 in reply to Ste

    CM is a Unicast push. Only Central to XG. There is no back sync of local changes. 

    There will be a Item locking in the future, to lock Items pushed by CM. So you cannot change them on the local webadmin. But a backsync is not planned. 

  • 0 in reply to LuCar Toni

    I've create a gruop with Defaul Configuration and I've join a XG that was previsly configured. Now my firewall has the previus configuration and I can push new configarion from Central. 

    What about if now I join on the same group another XG with his hown configuration previusly done?

    It will take his old configrations as is and then receive the new done on the central? 

    Thank you

Reply
  • 0 in reply to LuCar Toni

    I've create a gruop with Defaul Configuration and I've join a XG that was previsly configured. Now my firewall has the previus configuration and I can push new configarion from Central. 

    What about if now I join on the same group another XG with his hown configuration previusly done?

    It will take his old configrations as is and then receive the new done on the central? 

    Thank you

Children