diff --git a/salt/firewall/soc_firewall.yaml b/salt/firewall/soc_firewall.yaml index 78c0ebc73..27c52e123 100644 --- a/salt/firewall/soc_firewall.yaml +++ b/salt/firewall/soc_firewall.yaml @@ -213,7 +213,7 @@ firewall: portgroups: *portgroupsdocker syslog: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -338,7 +338,9 @@ firewall: DOCKER-USER: hostgroups: manager: - portgroups: *portgroupsdocker + portgroups: *portgroupsdocker + idh: + portgroups: *portgroupsdocker sensor: portgroups: *portgroupsdocker searchnode: @@ -359,7 +361,7 @@ firewall: portgroups: *portgroupsdocker endgame: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -389,12 +391,16 @@ firewall: portgroups: *portgroupshost localhost: portgroups: *portgroupshost + idh: + portgroups: *portgroupshost sensor: portgroups: *portgroupshost searchnode: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost + workstation: + portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost customhostgroup1: @@ -422,6 +428,8 @@ firewall: hostgroups: managersearch: portgroups: *portgroupsdocker + idh: + portgroups: *portgroupsdocker sensor: portgroups: *portgroupsdocker searchnode: @@ -442,7 +450,7 @@ firewall: portgroups: *portgroupsdocker syslog: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -472,12 +480,16 @@ firewall: portgroups: *portgroupshost localhost: portgroups: *portgroupshost + idh: + portgroups: *portgroupshost sensor: portgroups: *portgroupshost searchnode: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost + workstation: + portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost customhostgroup1: @@ -509,6 +521,8 @@ firewall: portgroups: *portgroupsdocker fleet: portgroups: *portgroupsdocker + idh: + portgroups: *portgroupsdocker sensor: portgroups: *portgroupsdocker searchnode: @@ -531,7 +545,7 @@ firewall: portgroups: *portgroupsdocker syslog: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -565,12 +579,16 @@ firewall: portgroups: *portgroupshost standalone: portgroups: *portgroupshost + idh: + portgroups: *portgroupshost sensor: portgroups: *portgroupshost searchnode: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost + workstation: + portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost customhostgroup1: @@ -793,7 +811,7 @@ firewall: portgroups: *portgroupsdocker elastic_agent_endpoint: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker