Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Exporting Rules

shultisshultis Newbie ✭
in Firewall Management and Analytics

We are being asked for a regular report of firewall rules as part of our compliance requirements. We have tried copying the GUI display into excel, which is time consuming and tedious, and cleaning up the TSR output, which borders on painful.

Anyone have an easy way to export the rule set, including comments into excel, or some other easily viewable format using the firewall, or GMS, or some other onprem tool?

Category: Firewall Management and Analytics
Reply

Answers

  • SaravananSaravanan Moderator

    Hi @SHULTIS,

    Glad to see you on several discussions.

    With the current generation firewalls, unfortunately exporting of access rules is not an option. We would need to use TSR to fetch access rule details for any sort of compliance or audit purpose. We can understand that this is a bit long and time consuming process. GMS can provide you flexibility to emulate certain or all configuration from one firewall to node or vice versa and it doesn't provide exporting of access rules. Your query should go as an RFE (Requesting Feature Enhancement) to our Sales team.

    FYI - Access rules export is available by default from next generation firewalls (Gen 7) that are going to be soon available for the customers.

    Let us know if any questions. Have a better day!!!

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • LarryLarry All-Knowing Sage ✭✭✭✭

    FYI - Access rules export is available by default from next generation firewalls (Gen 7) that are going to be soon available for the customers.

    Good to know that this valuable feature is coming.

    Despite my professional belief that it should have been on the roadmap after transitioning away from Dell...

  • Connex_AnanthConnex_Ananth Newbie

    Dear @shultis ,

    You may also try to get configuration backup from the firewall and try to upload and convert it using MySonicwall tool into text file.

    in the text, you can get it everything including with objects, app rules, content rule.

    Thanks,

    Ananth - Connex IT

  • shultisshultis Newbie ✭

    Found a product from Titania called Nipper that creates a pretty impressive report from a sonicwall settings file. It's fairly pricey, but if you need a report on firewall rules for compliance, this makes it simple and concise.

  • Connex_AnanthConnex_Ananth Newbie

    @shultis Thanks for the information.

  • IstvanIstvan Newbie ✭

    Hi,

    Without knowing the exact audit requirements and its purposes I suggest you to consider developing this on your own (one time development I guess) using

    • the API available for SonicOS 6.5:
    https://www.sonicwall.com/techdocs/pdf/sonicos-6-5-1-api-reference.pdf
    • Or, archive the firewall settings using the FTP backup option. You can write a script to decode the config file (Base64 to text) and pick out the required parts.

    If you want to shed light on changes (like the suspicious ones that were made and reversed within a short period of time) GMS and NMS can provide change management and change audit reports as well.

    Regards,

    István

Sign In or Register to comment.