Support
Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

I built an open-source Firefox Enterprise policy manager and would love feedback from admins and power users

Goudron
Making moves

‎23-05-2026 02:58 AM

Hi everyone,

My name is Valery Ledovskoy. I have been contributing pro bono to Mozilla localization for about 10 years, mainly through SUMO and Pontoon for the Russian locale.

I would like to share a personal open-source project I have been working on: Browser Policy Manager, or BPM.

Goudron_3-1779530113788.png

This is not an official Mozilla tool. It is a community project focused on Firefox Enterprise policies and the practical work around `policies.json`.

The reason I started building it is simple: Firefox Enterprise policies are powerful, but working with `policies.json` directly can be a high-friction experience. For many system administrators, security teams, and advanced users, the current workflow often means reading policy documentation, manually writing JSON, checking whether the result is valid, and then testing it in a real Firefox deployment.

That works, but it is not always comfortable as a day-to-day operational workflow — especially when you need to maintain several policy profiles, compare them, reuse baselines, or explain what a profile actually does.

BPM tries to make this workflow more approachable without hiding the underlying Firefox policy model.

At the moment, the project provides:

- a database-backed library of Firefox Enterprise policy profiles;

Goudron_1-1779529925117.png

- support for CIS Benchmark-based policy profiles;
- import and export of deployable Firefox `policies.json` documents;
- version-aware validation against bundled Firefox policy schemas;
- support for current Firefox ESR and Release schema channels;
- profile lifecycle actions such as create, edit, duplicate, archive, restore, and export;
- profile comparison and review workflows;
- a guided editor for common administrator and security-team scenarios;

Goudron_2-1779530015958.png

- an “All settings” editor for searching and editing the full visual catalog of supported policy controls;

Goudron_4-1779530187242.png

- a JSON editor for direct `policies.json` editing;

Goudron_5-1779530253746.png

- a responsive UI that works not only on desktop screens, but also on mobile devices;
- English and Russian localization in the current 0.7.7 version;
- a FastAPI backend and API surface for integration scenarios;
- MPL-2.0 licensing.

For version 0.8, I am preparing additional localizations: German, Spanish, French, and Chinese. The goal is to make BPM available in six languages: English, Russian, German, Spanish, French, and Chinese.

For version 0.9, I am also preparing a larger documentation layer around the project, with support for the same six languages. This documentation work is expected to include:

- BPM user and administrator documentation;
- contextual documentation for Firefox Enterprise policies;
- documentation related to CIS Benchmark-based configuration profiles;
- documentation built with DITA Open Toolkit;
- smarter search across the documentation;
- and, later, a RAG-based assistant for asking free-form questions about the documentation and policy configuration scenarios.

One important product idea behind BPM is that a Firefox policy profile should be treated as a managed object, not just as a JSON file. The same profile should be possible to create visually, inspect in detail, validate, compare, export, archive, restore, and — when needed — edit directly as JSON.

I am also thinking about BPM as something that could be integrated into broader administrative or security workflows. For example, the API could potentially be used by:

- endpoint configuration management systems that need to generate or validate browser policy baselines;
- secure configuration management tools that track hardening profiles across deployed software;
- browser posture or extension governance systems;
- compliance and audit workflows that need to compare expected and actual browser configuration;
- internal IT portals where administrators prepare standard profiles for workstations, shared devices, kiosks, or high-restriction environments;
- security automation tools that need to produce a valid Firefox policy artifact as part of a larger configuration process.

I would be especially grateful for feedback from people who manage Firefox in real environments, or who have strong opinions about enterprise browser configuration.

The questions I am trying to validate are:

- Are the Firefox policies represented correctly?
- Are the CIS Benchmark-based profiles useful and understandable?
- Are the editing modes useful, or is the workflow too complex?
- Does the split between guided editing, full visual settings, and raw JSON editing make sense?
- Is the responsive UI usable enough on mobile devices for review and quick edits?
- Which enterprise scenarios are missing?
- Which policies or policy groups should be prioritized?
- Would this be useful for small teams, schools, nonprofits, or only for larger enterprise environments?
- Are there existing Firefox Enterprise workflows that BPM should fit into more naturally?
- Is there anything in the terminology or UX that feels confusing from a Mozilla / Firefox Enterprise point of view?

Localization help is not needed yet, but later I may ask for help with reviewing and testing UI text in additional languages.

If the project looks useful, feedback, issues, suggestions, and GitHub stars are all very welcome. A star would help the project become more visible to other Firefox admins and people interested in enterprise policy tooling.

GitHub:
https://github.com/Goudron/browser-policy-manager

Thank you!

0 REPLIES 0
Copyright © 2026 Khoros, LLC