Feature Requests: Device list and Rules sync between two firewalla devices
I have two firewalla gold installed in different places.
Although the network is a bit different, ex. wifi ap/switches. But most of the mobile devices are the same. Is there a way to sync certain device group between two firewalla?
Also if the rules can be sync between these firewalla devices?
-
I recently added a second firewalla to another site.
First is there a way to get two firewallas to show up in my.firewalla.com at the same time? Seems I have to log out of one to open a second? If you could have both boxes on the web page at once you could make a group that could pick and choose devices from both firewallas and create associated rules for devices at both locations?
Also you could make it a more generic copy or duplicate of rules/groups/port forwarding/etc so there's more use case. And if a group with devices from multiple firewalla's is too complex this would get much of the benefit too.
Copy or duplicate from box to box would be great. Example, I have 2 firewallas and each location has a home automation hub and a security camera setup. I need 11 rules between them to block all but the required flows- it would be nice to just copy from one site to the other.
But also more generically it would be nice to duplicate even on the same box. Example- one location has 2 different computers that we use RDP on- support showed me how to setup the first box to use a nonstandard port and then block access from all but a specifc set of ip's from known offsite locations - recently we added a second machine for RDP from a different group of ip's. Again theres a small handfull of rules to recreate.
Its not going to kill me to retype everything but would be neater and more controlled just to pull up the list from the first site and then one by one go down the list to copy/duplicate to the second site. Obviously, there would still be some edits needed but there would be a quicker starting point.
Past initial setup as new mobile hardware (phones, laptops) will be added many typically would connect at both sites. And as we find 'stationary hardware' we like at one location (IOT, Printers, Etc) we tend to add a duplicae to the other- so being able to quickly duplicate rules from one firewalla box to another would be a great ongoing feature.
-
@Michael
Thank you for the suggestions; many of these features are in the bucked we call, very important for a few, bucket. Our main problem with building this is more of the economics; even if we charge extra, we are not sure if we can break even. (The long term support for such features is expensive).
If anyone else interested in Michael's ideas/use cases, please upvote.
-
I would like to add that having user goups sync between Firewall boxes would good.
In addition to using Firewalla at home, I use a Firewalla Purple as a travel router, and will likely get a second Firewalla for the parents' house up north. Being able to have common devices roam between boxes with the same rules would be very nice.
Please sign in to leave a comment.
Comments
6 comments