Remove Deleted SaaS Policy Recommendation
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
Remove Deleted SaaS Policy Recommendation
When a SaaS Security administrator pushes
Security policy rule recommendations to a PAN-OS appliance, the
PAN-OS administrator can import those rules to gain visibility into
and control of the applications in the policy recommendation. However,
if the SaaS Security administrator deletes the rule, you should also
delete that rule from the PAN-OS appliance.
When a SaaS Security
administrator deletes a rule, the Active Recommendation column
shows the value removed (for valid rules,
the value is active).
- Select a rule that the SaaS Security administrator removed (you can select only one rule to remove at a time).The Import Policy Rule option is grayed out because the rule can no longer be imported.Click Remove Recommendation Mapping.This removes local mapping of the Security policy rule on the firewall. For example, mappings to locations, users, and the rule are deleted. The Remove Recommendation Mapping dialog box shows you the location of the rule so that you know from where the rule is removed.Click OK.In the Confirm Change dialog, click Yes to remove the rule from the policy recommendation database.This action only removes the rule from the policy recommendation rule list. It does NOT remove the rule from the Security policy rulebase. You must manually remove the rule from the rulebase.A Status dialog appears to confirm that the policy recommendation mapping has been removed, but you still need to remove the rule from the Security policy rulebase.Go to PoliciesSecurity and delete the rule from the Security policy rulebase.