Jump to content


Photo

Offline Policy Editor


  • Please log in to reply
No replies to this topic

#1 Scott Leith

Scott Leith
  • Members
  • 16 posts
  • LocationFlorida, USA

Posted 23 January 2015 - 10:18 AM

I would like to see the ability to make offline policy edits to a WAF, then commit all the policy edits at one time during a maintenance window.  Most organizations will now allow edits to be made to their WAF during business hours, especially when edits can spontaneously cause the web interface of the WAF to become unavailable for a time.  This means policy edits would need to be made during a small maintenance window.  If a large number of parameters or policies need to be modified, and each needs to be modified one-at-a-time, it is not possible to complete the task within a small maintenance window.  Likewise, it would take a very long time to roll back the changes.  Many technologies address this issue within a centralized management system.  The updates are then pushed to the enforcement modules all at once.

 

I believe a potential solution to this problem is to be able to download the policies to a local machine.  Edit them.  Then upload the modified policy back to the WAF.