The actual substitution method of local on the UTM existing objects eems to be little prone to create and left after a while of usage lots of multiple objects copies with those "[xyz] suffixes, which - by the way - has to be cleaned up manually.
After using the centrally managed objects now over the years since the feature was introduced (incl. little later the substitution option), my personal conclusion is, that replacing local UTM objects throgh a SUM managed object may not be the optimal approach, as it showed up from my experience some drawbacks over the years as:
- a growing number of doublettes with suffixes (wich are hard manual work to clean up)
- replaced default objects in the UTM are not updated anymore, if a firmware makes changes (as Webproxy Exceptions for example)
- The substitution today has to be made available for all centrally manageable features (which isn't done actually), and in my eyes always requires a extra R&D effort compared to a non substituting approach
- I assume there is also lot of complicated backend code to maintain that substitution stuff
So i propose, it might be in real life scenarios less problematic approach NOT to substitute any objects on the UTM's, and instead generally deploy SUM managed objects as own Objects (maybe with a automatically added pre-, or suffix as (SUM)) to avoid those substitution and suffix issues - even if some objects may exist two times on the UTM after that (once local and once centrally managed). I would expect, that this also may ease future handling of newly added features, as the whole substitution stuff hasn't to be maintained anymore, and local existing UTM objects - especially the default ones, are left untouched.
I'd happy to hear, that that approach may be considered for a future release.
In the other hand I didn't expect, that you reworked the existing features up to 9.2 state that fast (and I didn't find too many obvious bugs so far, which is quite good) [:D]
Guest User!
You are not Sophos Staff.
