You can have different rulebases for different FW's and still only have one
management station. It just means that you have more than one rulebase to
work with. You can only open one rulebase at a time anyway with the Policy
Editor. When it comes time to install a particular rulebase and you only
want it to install on the FW's in front of your web and mail servers, then
you can deselect all of the other FW's you may have and only allow this
rulebase to install on those FW's. Then you can do the same thing for each
rulebase you have.
You can also have one rulebase and specify each FW or Gateway that a
particular rule should be installed on. I believe this still installs the
rulebase on every FW that you allow it to be installed on, but the
enforcement of each rule will depend on what FW it was supposed to be
installed on. The other FW's won't enforce the rule if their name isn't on
it. Hope this helps.
opiesan
>From: "Hiemstra, Brenno" <[EMAIL PROTECTED]>
>To: "'Fredy Santana'" <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>Subject: RE: "Multi" Firewall-1 management
>Date: Wed, 13 Dec 2000 13:12:36 +0100
>
>Install one system as a management server...
>
>from there you only have to edit for example the rulebase once..
>and then you distribute them to the other firewalls.
>
>Logs are also centrally stored on the management
>
>This reduces the amount of administration in the point you have
>one central point of administration and adding more firewalls
>are a piece of cake...
>
>This management idea is only for firewalls that are for the same
>purpose and not different firewalls and that have different rulebases, etc
>
>Hope you have some information what is possible with FW-1
>
>Greets
>
>Brenno
>
> > -----Original Message-----
> > From: Fredy Santana [SMTP:[EMAIL PROTECTED]]
> > Sent: woensdag 13 december 2000 16:06
> > To: [EMAIL PROTECTED]
> > Subject: "Multi" Firewall-1 management
> >
> > Hi guys:
> >
> > How can it manage many firewall�s-1?. I thought ins System Status, but
>it
> > looks very simple. Are there anothers ways to do this? What are the
> > licence aspects?
> >
> >
> > Regards from Chile
> >
> >
> >
> >
> > Saludos
> > Fredy R. Santana V.
> > Ingeniero Civil El�ctrico
> > Orion 2000 - Servicios Profesionales en Seguridad Inform�tica
> > La Concepcion 322 piso 12, Providencia.
> > Santiago, Chile
> > Fono: 56-2-6403944, Fax: 56-2-6403990
> > e-mail: [EMAIL PROTECTED]
> > http://www.orion.cl
> >
_____________________________________________________________________________________
Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
