dynamic Network Group

We currently have a Network Group set up in our UTM with a list of the names of servers allowed to access the internet. As we move more into automatic provisioning of servers, is there any way to automatically add/delete servers on the list as they are provisioned? 

At the moment, it's a manual process, but it's starting to get unwieldy. I don't see any way to tie the Network Group to an Active Directory group (which would be the cleanest way for us), or a JSON etc interface to the UTM. 

We can't tie it down to a subnet, since we're going to have servers on the same subnets which should not be allowed out to the internet.

Does anyone have any suggestions?


JP.


  • You could divide your subnet in two and only apply the masquerading rule on the part of the subnet where your servers reside instead of masquerading the entire subnet.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improving IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.
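
As an added example (not part of the original thread, and not Sophos code): a Python check that splits a subnet into two halves, as the reply suggests, and flags servers whose address puts them on the wrong side of the masquerading rule. The subnet, server names, addresses, and the choice of the upper half as the masqueraded one are constructed assumptions.

```python
import ipaddress

# Constructed sample inventory: name -> (address, internet access allowed?)
SAMPLE_SUBNET = "10.20.30.0/24"
SAMPLE_SERVERS = {
    "web01": ("10.20.30.200", True),
    "db01": ("10.20.30.20", False),
    "build01": ("10.20.30.45", True),    # allowed out, but in the lower half
    "ldap01": ("10.20.30.130", False),   # not allowed out, but in the upper half
}


def split_for_masquerading(subnet):
    """Return (masqueraded_half, internal_half) of a subnet.

    Assumption for this example: the upper half gets the masquerading rule.
    """
    lower, upper = ipaddress.ip_network(subnet).subnets(prefixlen_diff=1)
    return upper, lower


def audit_placement(subnet, servers):
    """List (name, ip, problem) for every server on the wrong side of the split."""
    net = ipaddress.ip_network(subnet)
    masq, internal = split_for_masquerading(subnet)
    findings = []
    for name, (ip, allowed) in sorted(servers.items()):
        addr = ipaddress.ip_address(ip)
        if addr not in net:
            findings.append((name, ip, f"not in {net}"))
        elif allowed and addr not in masq:
            findings.append((name, ip, f"needs internet: move into {masq}"))
        elif not allowed and addr in masq:
            findings.append((name, ip, f"would be masqueraded: move into {internal}"))
    return findings


if __name__ == "__main__":
    masq, internal = split_for_masquerading(SAMPLE_SUBNET)
    print(f"masquerade only {masq}; leave {internal} without a rule")
    for name, ip, problem in audit_placement(SAMPLE_SUBNET, SAMPLE_SERVERS):
        print(f"{name:8} {ip:14} {problem}")
```

Running the audit before changing the rule shows which servers must be renumbered so that no host silently gains or loses internet access when the masquerading scope is narrowed.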