EDL Life Cycle Management Using AppViewX

--

What are EDLs (External Dynamic Lists)?

An External Dynamic List is a text file hosted on an external web server that contains a list of IP addresses, URLs, and domains. Palo Alto firewalls use these text files to update rule objects and enforce policies. The firewall synchronizes with the EDL files on the web server over a direct web link; whenever a text file changes, the changes are imposed on the firewall policies instantaneously. Using EDLs can thus greatly reduce the difficulty of frequent communication with production firewalls and rule modification.

Managing a few text files manually is feasible. As the number of files grows, the task eventually becomes tedious. Because it is a repetitive and mundane task, the chances of human error and risk are high. Tracking the changes made to the files is another pain point. When all of these actions are carried out on a production server, the probability of risk is very high. AppViewX, the Network Automation platform, can simplify the process of managing the files in a production environment with its unified solution, solving the problems that every network engineer might go through.

What Does AppViewX Do?

The EDL text files on the web servers are highly prone to changes. AppViewX hosts the actual text files under its native web server, eliminating the need to purchase dedicated web servers to host the EDL files.

AppViewX maintains RBAC (Role-Based Access Control) so that users can make changes only to the files accessible to them based on their roles. AppViewX also maintains a complete audit log of the entries that are added to or deleted from each file. Once the changes are reflected in the text files, AppViewX instructs Palo Alto to retrieve the latest changes made in the EDL files.

How Does AppViewX Do It?

AppViewX provides a solution for this whole process through its Network Service Orchestration and Automation (SOAP) platform. The platform provides a simple user interface to collect input from the user and interacts with the various components to implement the necessary changes.

  1. Since AppViewX itself acts as the external web server, all the EDL files are placed in an isolated directory on the AppViewX server, and that directory is made accessible through the web. This enables the firewall to read the EDL files through a web link and pick up the changes.
  2. AppViewX maintains the complete list of files to be managed in a collection. Whenever a new file is included, AppViewX, by default, reads all the existing contents of the EDL file and stores them in its collection along with some metadata such as user name, status (IN USE / DELETED), and created and updated date and time.
  3. AppViewX displays, in the user interface, the list of files that are accessible to the user so that one can be selected. It also asks for an action: either modify the selected list or just view its contents.
  4. Upon selecting the modify option, AppViewX lists all the entries of the selected file that are currently in use. The user can then select the entries that need to be deleted from the list or enter new entries to be added to the file.
  5. Once the changes are entered in the form, AppViewX makes the necessary changes to the files in the web directory and also updates the complete change logs in its own collection along with the metadata.
  6. AppViewX also maintains a mapping of each EDL file to the firewalls where the file is consumed. Thus, AppViewX has the intelligence to invoke the respective firewalls to which the EDL files are linked and update the changes.
  7. Upon selecting the View option in the user interface, the entire content of the file is displayed in a grid, which can also be downloaded as a CSV / Excel sheet for further manipulation.
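
Steps 4 and 5 above, sketched as an added example that is not AppViewX's code: each requested entry is validated before it is written, and every accepted change produces an audit record carrying the IN USE / DELETED status the page mentions. The function names, the record fields and the accepted entry syntax are assumptions.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Assumed entry syntax: hostname, optionally with a leading "*." wildcard.
_DOMAIN = re.compile(
    r"^(\*\.)?([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)

def classify(entry):
    """Return 'ip', 'domain' or 'url' for a well-formed entry, else None."""
    try:
        ipaddress.ip_network(entry, strict=False)  # single address or CIDR
        return "ip"
    except ValueError:
        pass
    if _DOMAIN.match(entry):
        return "domain"
    host, _, path = entry.partition("/")
    if path and _DOMAIN.match(host) and not re.search(r"\s", path):
        return "url"
    return None

def apply_change(lines, audit, user, add=(), delete=(), now=None):
    """Apply one change request; return (new_entries, rejected)."""
    now = now or datetime.now(timezone.utc).isoformat()
    current = [l.strip() for l in lines if l.strip()]
    rejected = []
    for entry in delete:
        if entry in current:
            current.remove(entry)
            audit.append({"entry": entry, "status": "DELETED", "user": user, "updated": now})
        else:
            rejected.append((entry, "not in list"))
    for entry in (e.strip() for e in add):
        if classify(entry) is None:
            rejected.append((entry, "invalid syntax"))  # never reaches the firewall
        elif entry in current:
            rejected.append((entry, "duplicate"))
        else:
            current.append(entry)
            audit.append({"entry": entry, "status": "IN USE", "user": user, "updated": now})
    return current, rejected

if __name__ == "__main__":
    log = []  # constructed sample input, not from the page
    edl = ["192.0.2.10\n", "example.com\n"]
    print(apply_change(edl, log, "alice", add=["10.0.0.300", "198.51.100.0/24"], delete=["192.0.2.10"]))
    print(log)
```

Rejecting malformed entries before the file is rewritten matters because the firewall consumes the file directly: a typo in a hand-edited list becomes a policy change.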

Thus, AppViewX manages and automates the entire EDL life cycle for the firewall with a few clicks and eliminates the need for manual file editing and risk-prone operations on the firewall every time.

What usually was a high-risk, high-touch situation is made repeatable and scalable via AppViewX’s Intelligent SOAP (Service Automation and Orchestration Platform).

Curious to know more about AppViewX? Get in touch with our product experts.
