StoneBlog.stonesoft.com

There is a nice new shortcut in SMC 5.2 that lets you to convert old policy snapshot as new policy in the SMC. Just right-click any policy snapshot element and select Tools > Restore… The system then imports the snapshot as a new policy element to SMC. This is a nice backup feature if you face the need to revert back to previous policy version.

In SMC 5.2, you can also restore individual element’s old version to your current SMC. Just open some old policy snapshot, right-click the element and select “Restore” from the menu that opens.

Both these restore actions launch Import process in which you still have the possibility to review the changes and change the import action (Import/Do Not Import/Rename). See more details about Import Enhancements in SMC 5.2 in here.

written by Tero Jantunen - 1,050 views \\ tags: 5.2, Feature Previews, Policy, Policy Snapshot, Restore, revert policy, SMC

From the StoneBlog Admin Team: the procedure described here carries a high risk and can harm your system if performed incorrectly.
We do not recommend following this procedure unless you are an expert with StoneGate and other related technology. Stonesoft’s Support does not provide assistance with any problems that you may encounter as a result of following this procedure.

If you have disabled Policy Handshake feature from firewall properties and you install a policy that breaks management communication, you need to manually revert to previous configuration from StoneGate firewall node locally.

You can do this with command

/usr/lib/stonegate/bin/sgcfg -a -d /data/config/policy/previous apply

This needs to be run on all cluster nodes, ad of course it works only if a previous policy exists on given node

There is also more “standard” way to revert to previous policy from the GUI using a snapshot.

written by RoarinPenguin - 1,938 views \\ tags: CLI, engine, rescue, revert policy