There are a number of reasons why it could be interesting to assess the active Microgateway configurations.
- Reasons for assessing the configuration:
- Current attack vector (e.g. Log4Shell).
- Mistake in older template or guideline.
- Feedback from operations to adjust a setting.
- Before preventing a certain setting with a new policy.
- Get an overview of used features before upgrading.
- After upgrading to enable certain settings.
- ...
No matter the motivation, the aim is to find all configurations with a certain setting enabled, disabled, or not used at all. By identifying the affected configurations, further actions can be initiated.
Critical security settings should be enforced with policies. It is not recommended to assess active configuration to check policy compliance solely.