Organizing firewalls by folders
To manage firewalls and their configuration, the SMC server relies on hierarchically organized folders to which firewalls are connected.
Since folders are dynamically managed, you can create, move and delete folders at any time.
Folders contain firewalls as well as global filter and NAT rules. A firewall connected to a sub-folder inherits rules configured in its parent folders. For more information on filter and NAT rules, refer to the section Creating filter and NAT rules.
A firewall can belong to only one folder at a time.
The default root folder MySMC cannot be deleted. You can rename it to fit your needs. If you do not create any folder trees, all firewalls will be connected to this root folder.
The tree is limited to four levels of sub-folders.
TIP
The Search field in the list of firewalls in Monitoring > Firewalls also applies to folder names.
Creating folders
- Go to the Firewalls and sub-folders tab in Configuration > Firewalls and sub-folders.
- Click on Create a sub-folder when you are in the desired parent folder.
Organizing firewalls
There are several ways to do so:
- When you create a new firewall from Monitoring > Firewalls or Configuration > Firewalls and folders, in the Firewalls and sub-folders tab, you can choose its location.
- You can move an existing firewall from the same panels by clicking on Move 1 firewall. Multiple firewalls may be selected.
Restricting administrators' write access privileges to certain folders
In SMC, administrators' write access privileges can be restricted to one or several folders. Likewise, the administration of a firewall group can be restricted to a single administrator, known as a "folder administrator", for security reasons. This administrator can look up the configuration of other firewalls that are connected to SMC, but in read-only access. The super administrator and general administrator can still access all folders in write mode.
Folder administrators can create and delete folders only in the folders on which they have write access privileges.
For more information on restricting folder administrators' access, refer to the section Restricting folder administrators' access privileges.
Removing folders
In the Firewalls and sub-folders tab in Configuration > Firewalls and folders, scroll over the folder name and select the red cross.
If you delete a folder, firewalls and rules in this folder will be moved by default to the parent folder.