Nebula ATP and FLEX Export security policy rules

Options
JoostGroot
JoostGroot Posts: 10
First Anniversary First Comment
in Nebula

Hi, for our cutomers and our own company I am looking for a way/feature to export the security policy rules in such a way that we can user it for documentation (CSV would help). We need to document (hard copy) the rules for regulations around the ISO27001 requirements.

Since Nebula doesn't have a backup method, or an export option, we have to copy the rules by hand. In this day and age this can't be the only option for a cloud based platform line Nebula.

Accepted Solution

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,079  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Currently, Nebula does not support this feature. We suggest using the CLI command 'debug sdwan show firewall running-config' to retrieve the security policy content as a workaround solution.

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,079  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @JoostGroot

    Thank you for reaching out to us. Currently, Nebula does not support exporting files for security policy settings because it is a cloud-based platform. Customers are expected to edit the security policies directly on the Nebula page. However, if the user wishes to export the log messages to a .CSV file, we support this feature. Since log messages can be large, the .CSV file should be readable for the user. Thanks.

  • JoostGroot
    JoostGroot Posts: 10
    First Anniversary First Comment
    Options

    To bad, because we need to have a "hardcopy" of the rules as a check and controle. Because there is no versioning in Nebula. For businesses that take their security serious, this is mendatory.

    Exporting logs is fine, but that is not a snapshot of the rules. We will look for a way to do this out side of Nebula.

    Hope this feature can be added in the future.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,079  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @JoostGroot

    Thank you for your suggestion. Could you please enable Nebula support and provide us with your organization and site names by private message? We would like to examine your current security policy settings. Thank you.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,079  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Currently, Nebula does not support this feature. We suggest using the CLI command 'debug sdwan show firewall running-config' to retrieve the security policy content as a workaround solution.

Categories

Nebula Tips & Tricks


    Read more

    Nebula Help Center

    EnglishTiếng ViệtРусскийไทย中文(台灣)