Policy.w and Objects.c Files 1

[NH2]

I am trying to 'dump' my objects.c and <policy_name>.w files so I can email them. The security admin at the corporate office has requested these files from my sattelite office to review my firewall. Any ideas on how to save these 2 files? Any help is greatly appreciated!

 

[rn4it]

Well, there are a few ways, but it depends on what you and the Security Officer feel comfortable. You could do any of the following:
* Telnet/SSH on to the Mgmt server and cd $FWDIR/conf then ftp to a ftp server (secured) and ftp the files off. (unix or IPSO)NT you can just copy them off.
* If you backup the Mgmt server do a restore to an alternate location (not on the FW) and copy those files into the email.

Using email, I wouldn't, 2 main reason, depending on the number of objects and rules these files could get large and more importantly the public internet is not secure. Since it sounds like the corporte office has an FW, why not setup a site to site VPN and then setup a rule that'll allow the SA to access the Mgmt server as a read only account. If you have to email it, then at least encrypt you email (PGP, Invisible Secrets,etc) There would be nothing more embarasing then if someone just happened to capture your rulebase then hacked your FW or External server etc.