Policy Rule Set Gateway and Management

Policy Rule Management

A policy rule set assigned to a gateway can be changed dynamically to a different policy rule set. If a different policy rule set needs to be swapped in on an active gateway, the operation can be initiated in a non-impactful way. The assignment of the new policy rule set operates similarly to a gateway update/upgrade process: new gateway instances are instantiated with the new policy rule set, new traffic sessions are redirected to the new gateway instances once they are active and healthy, old traffic sessions are flushed from the old gateway instances, and the old gateway instances are deleted. The operation completes in a matter of minutes.

This change is initiated as part of the gateway configuration settings. Navigate to Manage > Gateways > Gateways. The change can be initiated using the Multicloud Defense portal or the Multicloud Defense Terraform Provider.

Policy Rule Set Gateway Status

The status of the connection between the policy rule and the gateway it is associated with can be one of two options:

  • Updated - The policy is active on the gateway and is synchronized with the controller.

  • Updating - The gateway is actively processing a policy change. The policy change is known to the gateway, but is not yet active. The gateway is still processing traffic using the current policy.