Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Firewall Policy Locking Modes

Starting in Security Director Release 18.3R1, you can manually lock a policy. By default, the locking mode for policies is automatic and policies are automatically locked when you start editing the rules. When you leave the rules editing page, the policy is automatically unlocked. The timeout interval for automatic locking is 15 minutes.

However, if required, you can choose the option to manually lock a policy. There is no timeout interval in case of manual lock. When you lock the policy and leave the page or log out, the policy remains locked. After you have completed editing the policy, you can unlock the policy and it then becomes available to other users for editing. The policy can be unlocked by the same user or by any other user with the same RBAC permissions. Only those users who have the permission to lock or unlock a policy are able to toggle between automatic mode and manual mode.

Manually Locking a Policy

To manually lock a policy:

  1. Select Configure>Policy-Name Policy>Policies.
  2. Select Manual Mode from the Locking list.

    A warning message is displayed.

  3. Click Yes to toggle the locking mode.

    All the existing locks in the policies are released and the user is switched to manual mode.

  4. Right-click the policy that you want to edit, or select Lock Policy from the More list.

    A message is displayed for confirmation.

  5. Click Yes to lock the policy.

    The policy will be locked. You can see a lock icon next to the check box on the policies page.

Note:

In the manual mode, if the user starts to edit the policy without manually locking it, the policy is locked by the system like in auto mode. However, the user must manually unlock the policy and then it will be available for other users for editing.

Manually unlocking a Policy

To manually unlock a policy:

  1. Select Configure>Policy-Name Policy>Policies.
  2. Right-click the policy that you want to unlock, or select Unlock Policy from the More list.

    A message is displayed for confirmation.

  3. Click Yes to unlock the policy.

    The policy will be unlocked. The lock icon next to the check box will disappear.

Note:

If User1 has locked a policy and User2 with the same RBAC capability unlocks the same policy, then a message is displayed that any unsaved changes made by User1 will be lost.

Switching Manual Lock to Automatic Lock for a policy

While switching from manual lock to automatic lock and vice versa, all the existing locks in the policies will be released.

To switch to automatic locking mode:

  1. Select Configure>Policy-Name Policy>Policies.
  2. Select Auto Mode from the Locking list.

    A warning message is displayed.

  3. Click Yes to toggle the locking mode.

    All the existing locks in the policies are released and the user is switched to Auto mode.

Note:

In the auto mode, the policies are automatically locked when a user starts editing the rules.