Service --> Groups --> Firewall Rule or Outbound Policy


#1

It would be nice to be able to create a service with as many different applications and ports as desired and put these services in a group and just attach that group to 1 firewall rule and or outbound policy. Basically like SonicWall or Sophos. Makes things much easier to manage and not have to create tons of different rules for 1 application.

And the same applied to Networks. Ex: Group - VoIP Trusted Networks - 64.94.196.0/23
198.58.40.0/21 and just apply this group to firewall rules and outbound policies.

Thanks


#2

This is in our roadmap but you will probably not see these features until firmware 6.4 or later. Thanks.


#3

Great to hear!


#4

Hey I am just wondering if the zoning feature as talked about was still in road-map for 6.4.0? We would like to be able to create firewall rules as requested above and also zone VPN connections to specific LAN’s, etc.

Thanks


#5

Yes! We target to support on v6.4.0 and it should be available by year end.


#6

Awesome, thanks TK as always.


#7

Hello,

I am following up on this badly needed feature.

We are reluctant to move our larger clients with numerous firewall rules that would take so much more time to configure rules for without being able to create address objects to bundle multiple IP addresses to the same rule.

This feature was supposed to be released for version 6.4 and was to be available by year end last year.

Please update when we can expect to see this capability.

Thanks very much.


#8

We really need this feature as well any update on this?


#9

Any time-frame on this?


#10

The requested features had been rescheduled to firmware 7.1.0 . Tentatively targeted for Q4 2017. Please stay tuned.


#11

Thanks Sit that’s great to hear.


#12

Hi Sit,

That’s great to hear, we’ve had a few enterprise size deployments raise red flags with the lack of this feature, however if you can confirm that it will be by the end of this year, we’ll add a note in our proposals regarding this.


#13

@pepnet_allan, this is our target. Engineering team is working on this.


#14

That’s great news thankyou.


#15

Is this feature completed?


#16

Hi @BrianS

Yes, these features are now available:-

Outbound Policy

Firewall Rules

Hope this helps,

Steve


#17

We can’t do this locally on device though correct?


#19

Hi @tjvoip45

No, you can’t do that locally on the device (well not as easily). You could download the configuration file and then upload the file to your other devices. However, this config file will contain more than just the Outbound policy and firewall rules, so you may need to “adjust” settings which are over-written using this method.

You won’t be able to apply the config file to differing models either, so a config file from a BR1 can’t be uploaded to a Balance One, for instance.

Thanks,
Steve


#20

Hi,

Am I wrong if I say this will be achieved in version 8 with new option “Grouped Networks” in routers ?
It seems in any case a step in the right direction.

What I am still missing though is “default zones” like we would find in all other firewalls (Sophos, SonicWall, juniper, …). Also I am not sure how to use this with automatic Outbound rules and Automatic Firewall rules from ICA as that still uses imports of conf files.

Thank you in advance.

Sven