04-09-2019 06:58 AM
Rule merge will come tomorrow.
However, it will still be limited to 10 merges at a time.
Additionally, it will check that you do not merge rules with "any" and values in Users, Applications and Services
04-09-2019 07:09 AM
Thanks for the update, 10 at a time is better than 1 so that will be helpful. I do want to ask about the 2nd part of your response as it relates to 'any'. When migrating from Cisco ASA (and other firewalls also) the application field will always be 'Any' as the ASA is not doing app-id. Does that mean we can still only do 1 rule merge at a time? Hopefully, that is not the case.
04-09-2019 07:14 AM
No, that is not the case.
What we won't merge are rules where some have "any" (does not have a specfic value) and others have specific values. As the result would not be "any", but the specifics.
RULE1 Trust 10.0.0.0/24 -> DMZ 172.16.0.0/25 SSH app-default ALLOW (users)
RULE2 Trust 192.168.10.0/24 -> DMZ 172.16.0.0/25 any app-default ALLOW (admins)
We do not want to merge them into
RULE3 Trust 10.0.0.0/24, 192.168.10.0/24 -> DMZ 172.16.0.0/25 SSH app-default ALLOW
As admins lost access to other allowed apps.
The same would apply to users and to ports.
04-12-2019 09:55 AM
I am dealing with something similar, we are importing thousands of rules from multipe FWs and needing to consolidate/merge rules. Each 'filter' we apply is returning hundreds of cases. We need an option that we can select that will simply merge ALL Cases into case specific rules. The project I am on has over 250 FWs, from different vendors, being merged into a handful of 7000s. Every two weeks we are migrating 10,000+ rules....we have a lot of it streamlined until we get to rule consolidation...6 or 7 different consolidation filters are spawning thousands of cases per migration.
[ ] Merge ALL Cases by Case
Case 1 (9 rules)
Case 2 (24 rules)
Case 3 (19 rules)
Case 347 (17 rules)
= would out put 347 individual rules.
04-12-2019 10:03 AM
My client is also on an older version of Expedition (1.0.105). Working on getting them to upgrade. However is the intent of Consolidating Rules "Merge Selected" to Merge Cases by Case - but only (currently) 10 at a time?
Case 1 (9 rules)
Case 2 (16 rules)
Case 10 (14 rules)
== outputs 10 individual rules??? Cause right now, in our version I think thats broken and we are having to do one case at a time. This is painful.
04-12-2019 12:08 PM
It is now supporting 10 cases (which it means more than 10 rules).
We will modify the merge behaviour to support multiple merges in the background, as merging security rules implies quite a number of check and calculations.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!