This tool provides a solution for decrypting sensitive parameters in a WatchGuard XTM configuration export file. It can also provide a mechanism to encrypt new values for these parameters.
- Version: 1.0.0
- Creation Date: 2023-03-01
- Last Updated: 2024-01-08
- Author: sjackson0109
- PowerShell 5.1 or later
- WatchGuard XTM configuration export file (.xml)
-
Download the
Encrypt-WatchguardParameter.ps1andDecrypt-WatchguardParameter.ps1scripts. -
Place the scripts in a directory accessible from your PowerShell environment.
-
Open PowerShell and navigate to the directory containing the scripts.
-
To encrypt sensitive parameters, use the
Encrypt-WatchguardParameter.ps1script with the-PlainTextparameter followed by the value to encrypt. Optionally, use the-VerboseModeswitch for detailed output.Example:
Encrypt-WatchguardParameter -PlainText 'YourSensitiveData' -VerboseMode
-
To decrypt encrypted parameters, use the
Decrypt-WatchguardParameter.ps1script with the-EncryptedTextparameter followed by the encrypted value. Optionally, use the-VerboseModeswitch for detailed output.Example:
Decrypt-WatchguardParameter -EncryptedText 'YourEncryptedData' -VerboseMode
-
Ensure that the encrypted values are safely stored and used in the WatchGuard XTM configuration file.
- Ensure that only authorized personnel have access to the encrypted values and decryption scripts.
- Always verify the integrity of the decrypted values after decryption.
- Protect the encryption keys used by the tool to prevent unauthorized access to sensitive information.
This project is licensed under the MIT License.
I'm looking to expand on this code, with the following:
- Import and Export of XML config files
- Auto-matically index all encrypted parameters
- Ability to decrypt-all parameters
- Ability to replace specific encrypted parameters with new unencrypted value
Am also open to ideas, please feel free to send some over...