Focus

View Rules by Tag Group

Table of Contents

Filter

Expand All | Collapse All

Next-Generation Firewall Docs

Getting Started
Administration
Version
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
Networking
Version
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
AIOps
Incidents & Alerts
Release Notes
Version
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)

Modify Tags

Tag Browser

View Rules by Tag Group

View your policy rulebase as tag groups.

View your policy rulebase as tag groups to visually group rules based on the tagging structure you created. In this view, you can perform operational procedures such as adding, deleting, and moving the rules in the selected tag group more easily. Viewing the rulebase as tag groups maintains the rule evaluation order and a single tag may appear multiple times throughout the rulebase to visually preserve the rule hierarchy.

You must create the tag before you can assign it as a group tag on a rule. Policy rules that are already tagged on upgrade to PAN-OS 9.0 have the first tag automatically assigned as the Group tag. Before you upgrade to PAN-OS 9.0, review the tagged rules in your rulebase to ensure rules are correctly grouped. You must manually edit each tag rule and configure the correct Group tag if your rules are grouped incorrectly after you upgrade to PAN-OS 9.0.

Launch the Web Interface.
Create and Apply Tags you want to use for grouping rules.
Assign a policy rule to a tag group.
1. Create a policy rule. Refer to Policy for more information on creating policy rules.
2. In the Group Rules by Tag field, select the tag from the drop-down and click OK.
3. Commit your changes.
View your policy rulebase as groups.
1. (Panorama only) From the Device Group, select the device group rulebase to view or view all Shared rules.
2. Click Policies and select the rulebase where you created the rules in Step 2.
3. Select the View Rulebase as Groups option (at the bottom).
  
  Rules not assigned a tag group display as None.
Perform Group operations as needed.
1. Click Group to perform group operations for rules in the selected tag group.
  (Panorama only) Move rules in group to a different rulebase or device group—Move all policy rules in the selected tag group to the Pre-Rulebase or Post-Rulebase or move them to a different device group.
  Change group of all rules—Move all rules in the selected tag group to a different tag group.
  Move all rules in group—Move all rules in the selected tag group to change the rule priority order.
  Delete all rules in group—Delete all rules in the selected tag group.
  Clone all rules in group—Clone all rules in the selected tag group.
2. Commit your changes.