Hi All,
I was wondering if there are any plans to be able to support the management of system firewalls via Endpoint Security/Elastic Agent?
Context: if I want to have system-level firewall rules, I currently need to manage them via the system, and need to have stuff for each system (OS) type. I'd like to have a feature in Endpoint Security/Elastic Agent that would let me manage the system firewalls from a centralized & standardized solution.
This is already something slightly possible with Endpoint Security Host Isolation (but this is more of a response action, rather than for persistent firewall management). There are other "manager" integrations as well with Elastic Agent integrations (OSQuery Manager, Auditd Manager), so I don't think the concept is too foreign. I also believe there are some other EDR/AV solutions that offer this type of thing, so I was wondering if Elastic is planning on offering a solution like this?