SolarWinds Firewall Security Manager (FSM) is a powerful tool for analyzing firewall configurations and logs to isolate redundant, covered, and unused rules and objects. Without touching production devices, FSM can also model how a new rule, or change to an existing rule, will affect your firewall policy. FSM simplifies firewall troubleshooting for your multivendor, Layer 3 network devices, and helps fill gaps in your security rules.
Importing Configurations from Network Configuration Manager
After you set up Network Configuration Manager (NCM) to monitor your device configuration changes, and have installed FSM, you can import the device configuration files from NCM into FSM.
To import the device configuration files from NCM into FSM:
In the menu bar, click Add Firewall.
The Import New Firewall window opens.
Choose Import from NCM Repository, then click Next. The NCM Repository Connection Parameters window opens.
Enter the NCM Server URL, your Username and Password, then click Next.
Choose the device configurations to import into FSM.
After you choose device configurations to import, click Finish. FSM begins the import process.
When the import process is complete, the imported device configurations are available on the FSM Firewall Inventory tab.
You can now start analyzing the configurations you imported from NCM.
Generating Change Scripts to Run from NCM
To make changes to these configurations in FSM, start a change modeling session.
To start a change modeling session:
In the Firewall Inventory, chose the device.
In the menu bar, click Analyze Change > New Change Modeling Session.
A new Change Modeling Session opens.
You are ready to make changes to the configuration, and test the changes offline. Testing offline enables you to see the effect of your changes before you put them into production.
After you make changes to your configuration, click Generate Change Scripts. FSM generates a new Change Script. This script includes all the actions required to implement the changes you made to the specified device configuration.
Use NCM to load the change script. Choose the target device, and click Execute.
Together NCM and FSM make a great team to efficiently manage your device configurations!
For more details on Change Modeling, Virtual Packet Tracing, and other Firewall Security Manager functionality, visit our other resources on Thwack, the SolarWinds community.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community.
More than 150,000 members are here to solve problems, share technology and best practices, and directly
contribute to our product development process.
Learn more today by joining now.