help with centralized control
-
Hello friends, I would like to know if there is any way to control all the firewalls from a central point, let me explain, I have 5 branches with a Pfsense firewall but when I create a rule that they must share I must enter one by one making a copy of this rule, then there is a way to control all firewalls from a centralized console ?, the cloud ...
I appreciate any help ... -
@kapvcop said in help with centralized control:
let me explain, I have 5 branches with a Pfsense firewall but when I create a rule that they must share I must enter one by one making a copy of this rule
Hello,
Well, there is only "HA conf." that can stay in sync, but it's a good question anyway(!), because there is no such thing like "pfS cluster with central MGMT"
I would say ,at every point, every FW (firewall) is unique, but there really can be a situation where you need to clone a system - pfs to pfs to pfs, etc.
BTW:
this could be a smart question, don't know :) -
There is no official central management, yet. We are working on it though.
What sort of firewall rules are you adding?
One thing you can do it use URL aliases in rules and pull from a central source. Then you can just update a hosted txt file somewhere and all firewalls will pull in that change.
Steve
-
@stephenw10 said in help with centralized control:
here is no official central management, yet.
I seriously feel like you're following me like a shadow, it's because you hate me or because you love me. hehehe.... :)
(don't get me wrong I respect your knowledge - yes I know this is a forum where everyone does what they do best)Coming back to the question, this is a really smart question and could be a TODO.....
+++edit:
you were the first one to "like"
me, several years ago when I wrote about DOCSIS modems , I thought we would be friends Stephen... ???
what has changed since,.... I've been a rude?
-
Too much time on the forum
Central management is understandably an often requested feature and it's something we've been working on for some time. And are still working on it!
-
@stephenw10 said in help with centralized control:
Central management is understandably - And are still working on it!
That's such an meaningless wording Stephen. (I know it's your jobs - excuse me - you used to be more informative)
I'll be honest lately, I'm sensitive nowadays, hahaha
I seriously think you're one of the best hardware guys out there, but you've changed your mentality recently, is something wrong lately?
Yes, yes everyone is suffering
-
@stephenw10 said in help with centralized control:
We are working on it though.
Not trying to be cheeky but I've heard that for the past 5-6 years now.
-
@kom said in help with centralized control:
Not trying to be cheeky but I've heard that for the past 5-6 years now.
this is what I meant
next to my problems, hahahahah
-
I'm saying it's understandable that people ask about central management. I've got enough devices just in my office here that I could use such a feature!
I am saying we are actively working on it and I know that because I have been testing features that will required for it.
It's a huge undertaking though and I can't give you any sort of ETA right now.Steve
-
@stephenw10 said in help with centralized control:
I'm saying
It's fine and we've done without it...
-I take advantage of the opportunity :) -SORRY because this is a forum and I feel bad...
I know I'm hysterical!!!Nothing personal, what do you say?
When the guy (VAMike) attacked me yesterday or before, you were right next to him, hmmm.There are other topics, where others are treated me properly...
Izaac a day ago @Izaac
@daddygo said in "pcscd PC/SC Smart Card Daemon" ?:"it's not a good day for me"
Sorry to hear that. Hope things work out.
So I just wanted to let you know, because I didn't like the shouting and now I'm making it.
I'm finished and if you feel like it feel free to remove my post! :)
-
@daddygo said in help with centralized control:
Hello,
Well, there is only "HA conf." that can stay in sync, but it's a good question anyway(!), because there is no such thing like "pfS cluster with central MGMT"
I would say ,at every point, every FW (firewall) is unique, but there really can be a situation where you need to clone a system - pfs to pfs to pfs, etc.
BTW:
this could be a smart question, don't know :)Hello, thank you, I agree with the point that each point must be unique, however, there are common policies when the company has distributed branches that all must comply with. Let's have the idea or the example that suddenly we are going to give permission so that they can use a ZOOM for a webinar and only for one day 50 branches should be given permission ... that's what I want to get to.