-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Windows Firewall hardening check with the external template files #85
Comments
Hi @ediulia , Just to set the right expectations, this is an external hardening tool and cannot change the Vault behavior would you be able to share a same template? Thanks, |
Hey @AssafMiron. Thanks |
Thanks @ediulia Then the input object might even be a CSV file with the relevant parameters |
@AssafMiron Yes. CSV is the option. We also checking the option working with Firewall-Manager PS module. Thanks |
User Story
Some customers due to the multiple Vault Firewall rules are managing the Vault firewall rules outside the DBParm.ini
Each editing, adding, or removing new Non-Standard Firewall rule requires Vault restart
Setting the complicated Firewall rules in DBParm.ini can cause the Vault startup failure due to the human syntax errors in the parameter configuration
The solution is to maintain the Vault Windows Firewall externally and to disable Vault warning:
"ITATS319W Firewall contains external rules"
CyberArk Vault Hardening check has to support the scenario, there are no Firewall rules configured in DBParm.ini
And to be able to validate the Vault Windows Firewall configuration with the Firewall template file provided as an input parameter to main.ps1 script
Test Scenarios
IF (-ExternalFWConfigurationTemplatePath )
ELSE
Implementation
Notes
Implementation Tasks
The following issues have been created to implement this user story:
The text was updated successfully, but these errors were encountered: