Firebox policy schedules - option for absolute start/end date and time

PhilT_VITPhilT_VIT
in Firebox - Product Enhancements

I'm not sure how feasible this is but coming from a Cisco ASA where this is possible (to set an absolute start and/or end date and time), is this something that is already part of an existing feature request for WatchGuard FirewareOS, or would it need to be a new one?

For context:
We have some interim/temporary firewall rules to permit access to or from specific internal systems, but we may want to expire them at a certain time during the night, for which we do not necessarily want a firewall admin to wake up to make that one change.
If it were possible to set a schedule, we could then simply modify the schedule or clean up the rules later.

Yes we could set a schedule, but if somehow any cleanup gets missed before the week rolls over again, it will reactivate itself which we don't particularly want.

Comments

  • rv@kaufmann.dkrv@kaufmann.dk

    Very good idea. You can set time schedules on policies but not that advanced you describe which would be a feature i could use.

    Back in time when i was using Juniper i always liked the possibility, when saving a new configuration, to auto roll back withing X minuttes, if you did not acknowledge the new configuration after it was saved.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @PhilT_VIT
    This would be possible with the management server -- a policy template could be scheduled to deploy and remove or add a policy on a certain specific date. On the firewall itself, there are only the recurring weekly schedules.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.