cancel
Showing results for 
Search instead for 
Did you mean: 
SOLVED

Outsourcing the configuration of the Firewall App

jacaré
Established Member

Outsourcing the configuration of the Firewall App

Is it possible that the configuration of the firewall app is for example on an FTP server in our internal network. From the cloud then comes only the trigger, get the configuration X from server Y. In addition, the firewall app can also fetch the associated configuration X from server Y after booting.
The reason for this is that the firewall whitelist contains sensitive data, such as IPs, MACs, ports that are open and so on.

In addition, simple and centralized management of the firewall app is important to IT.

4 REPLIES 4
mlaml
Member

Re: Outsourcing the configuration of the Firewall App

Hi,

currently there is no mechanism available that you can use out of the box.

The following two variants come to mind

- Use your own app which retrieves the configuration X from server Y  and then uses the firewall (REST) API to set the new firewall configuration

- Use the REST API from the firewall app to set the configuration from a remote system (requires inbound connection)

Personally I would prefer the second variant, but it of course depends on your environment whether that's possible.

Could you give a few more details how you would want to set the trigger in the cloud? How would the ctrlX CORE be triggered?

Best regards,

Michael

 

 

jacaré
Established Member

Re: Outsourcing the configuration of the Firewall App

Where can I find the configuration of the firewall as a file? I don't find anything in "Configurations".
Can you provide the link to the documentation of the firewall REST-Api?

CodeShepherd
Community Moderator

Re: Outsourcing the configuration of the Firewall App

See the online documentation "Firewall App, Security Functions ctrlX CORE, Application Manual" for more information.

jacaré
Established Member

Re: Outsourcing the configuration of the Firewall App

with the newest release RM21.07 the firewall app uses the configuration system of the core. A nftables.conf is there inside "Manage app data".

Icon--AD-black-48x48Icon--address-consumer-data-black-48x48Icon--appointment-black-48x48Icon--back-left-black-48x48Icon--calendar-black-48x48Icon--center-alignedIcon--Checkbox-checkIcon--clock-black-48x48Icon--close-black-48x48Icon--compare-black-48x48Icon--confirmation-black-48x48Icon--dealer-details-black-48x48Icon--delete-black-48x48Icon--delivery-black-48x48Icon--down-black-48x48Icon--download-black-48x48Ic-OverlayAlertIcon--externallink-black-48x48Icon-Filledforward-right_adjustedIcon--grid-view-black-48x48IC_gd_Check-Circle170821_Icons_Community170823_Bosch_Icons170823_Bosch_Icons170821_Icons_CommunityIC-logout170821_Icons_Community170825_Bosch_Icons170821_Icons_CommunityIC-shopping-cart2170821_Icons_CommunityIC-upIC_UserIcon--imageIcon--info-i-black-48x48Icon--left-alignedIcon--Less-minimize-black-48x48Icon-FilledIcon--List-Check-grennIcon--List-Check-blackIcon--List-Cross-blackIcon--list-view-mobile-black-48x48Icon--list-view-black-48x48Icon--More-Maximize-black-48x48Icon--my-product-black-48x48Icon--newsletter-black-48x48Icon--payment-black-48x48Icon--print-black-48x48Icon--promotion-black-48x48Icon--registration-black-48x48Icon--Reset-black-48x48Icon--right-alignedshare-circle1Icon--share-black-48x48Icon--shopping-bag-black-48x48Icon-shopping-cartIcon--start-play-black-48x48Icon--store-locator-black-48x48Ic-OverlayAlertIcon--summary-black-48x48tumblrIcon-FilledvineIc-OverlayAlertwhishlist