Firewall Policy Locking Modes
Starting in Security Director Release 18.3R1, you can manually lock a policy. By default, the locking mode for policies is automatic and policies are automatically locked when you start editing the rules. When you leave the rules editing page, the policy is automatically unlocked. The timeout interval for automatic locking is 15 minutes.
However, if required, you can choose the option to manually lock a policy. There is no timeout interval in case of manual lock. When you lock the policy and leave the page or log out, the policy remains locked. After you have completed editing the policy, you can unlock the policy and it then becomes available to other users for editing. The policy can be unlocked by the same user or by any other user with the same RBAC permissions. Only those users who have the permission to lock or unlock a policy are able to toggle between automatic mode and manual mode.
Manually Locking a Policy
To manually lock a policy:
In the manual mode, if the user starts to edit the policy without manually locking it, the policy is locked by the system like in auto mode. However, the user must manually unlock the policy and then it will be available for other users for editing.
Manually unlocking a Policy
To manually unlock a policy:
If User1 has locked a policy and User2 with the same RBAC capability unlocks the same policy, then a message is displayed that any unsaved changes made by User1 will be lost.
Switching Manual Lock to Automatic Lock for a policy
While switching from manual lock to automatic lock and vice versa, all the existing locks in the policies will be released.
To switch to automatic locking mode:
In the auto mode, the policies are automatically locked when a user starts editing the rules.