Manage Security Policies
Cisco Defense Orchestrator
Resources for which user-defined rules exist are displayed by default. Rules can be modified by first searching for the desired resource, then drilling down to manage how traffic to that resource is handled by each security appliance.
Once policy changes are staged, they may be reviewed and deployed to live security appliances.
During the ideation stage, we identified opportunities to provide users with rich visual feedback about the changes being staged to their security appliances. A status bar at the bottom of the screen lets the user see their most recent staged policy change, with the option to undo and redo the stack of changes, while also providing a cumulative summary of policy changes not yet deployed.
Staging Changes with Paged Results
We also identified an interesting challenge: how do we enable users to modify rules not only for the security appliances in the current page of results, but across all results, including those not currently loaded by the client?
Our proposal allows a user to toggle whether they would like the rule to be modified across all filtered security appliances in the result set, or just the currently selected devices. We persist the user's preference as they move between resources, enabling them to easily manage a subset of filtered security appliances.
Thanks to Genja Teleganov for his awesome collaboration.