Saturday, June 6, 2020

What are some good options for firewall configuration translation (e.g. converting ASA to SRX or Checkpoint)?

I know each vendor usually has a tool, but in my experience they're pretty crappy.

I've been thinking about starting an open source project, maybe creating a file format to import to/export from, and then creating scripts to translate to/from various firewalls. Not sure if something like this exists but I haven't found anything.

I do a lot of firewall migrations at my job, and I know each vendor has their own caveats and peculiarities (zones vs levels, etc.), but it seems like if I can abstract enough into concepts I could at least get the major parts to work like NATs, security rules, and VPNs.



No comments:

Post a Comment