Commit Changes
Click 
. You can filter pending changes by administrator
or location and then preview, validate, and commit
only those changes. The location can be specific virtual systems,
shared policies and objects, or shared device and network settings.
Commit
at the top right
of the web interface and specify an operation for pending changes
to the firewall configuration: commit (activate), validate, or preview
. You can filter pending changes by administrator
or location and then preview, validate, and commit
only those changes. The location can be specific virtual systems,
shared policies and objects, or shared device and network settings.The firewall queues commit requests so that you can initiate
a new commit while a previous commit is in progress. The firewall
performs the commits in the order they are initiated but prioritizes auto-commits
that are initiated by the firewall (such as FQDN refreshes). However,
if the queue already has the maximum number of administrator-initiated
commits, you must wait for the firewall to finish processing a pending
commit before initiating a new one.
Use the Task
Manager to cancel commits or see details about commits that
are pending, in progress, completed, or failed.
The Commit dialog displays the options described in the following
table.
Field/Button | Description |
|---|---|
Commit All Changes | Commits all changes for which you have administrative privileges
(default). You cannot manually filter the scope of the configuration
changes that the firewall commits when you select this option. Instead,
the administrator role assigned to the account you used to log in
determines the commit scope:
If
you have implemented access domains, the firewall automatically
applies those domains to filter the commit scope (see Device
> Access Domain). Regardless of your administrative role,
the firewall commits only the configuration changes in the access
domains assigned to your account. |
Commit Changes
Made By | Filters the scope of the configuration changes
the firewall commits. The administrative role assigned to the account
you used to log in determines your filtering options:
Filter the commit scope as follows:
If you have implemented access
domains, the firewall automatically filters the commit scope based
on those domains (see Device
> Access Domain). Regardless of your administrative role
and your filtering choices, the commit scope includes only the configuration
changes in the access domains assigned to your account. After
you load a configuration (Device
> Setup > Operations), you must Commit All Changes .When
you commit changes to a virtual system, you must include the changes
of all administrators who added, deleted, or repositioned rules
for the same rulebase in that virtual system. |
Commit Scope | Lists the locations that have changes to
commit. Whether the list includes all changes or a subset of the
changes depends on several factors, as described for Commit
All Changes and Commit
Changes Made By. The locations can be any of the following:
|
Location Type | This column categorizes the locations of
pending changes:
|
Include in Commit ( Partial
commit only ) | Enables you to select the changes you want
to commit. By default, all changes within the Commit
Scope are selected. This column displays only after
you choose to Commit Changes Made By specific
administrators.There might be dependencies that affect
the changes you include in a commit. For example, if you add an
object and another administrator then edits that object, you cannot commit
the change for the other administrator without also committing your
own change. |
Group by Location Type | Groups the list of configuration changes
in the Commit Scope by Location
Type . |
Preview Changes | Enables you to compare the configurations
you selected in the Commit Scope to the running
configuration. The preview window uses color coding to indicate
which changes are additions (green), modifications (yellow), or
deletions (red).To help you match the changes to sections
of the web interface, you can configure the preview window to display Lines
of Context before and after each change. These lines are
from the files of the candidate and running configurations that
you are comparing.Because the preview results display
in a new browser window, your browser must allow pop-ups. If the
preview window does not open, refer to your browser documentation
for the steps to allow pop-ups. |
Change Summary | Lists the individual settings for which
you are committing changes. The Change Summary list
displays the following information for each setting:
Optionally,
you can Group By column name (such as Type ). |
Validate Commit | Validates whether the firewall configuration
has correct syntax and is semantically complete. The output includes
the same errors and warnings that a commit would display, including
rule shadowing and application dependency warnings. The validation
process enables you to find and fix errors before you commit (it
makes no changes to the running configuration). This is useful if
you have a fixed commit window and want to be sure the commit will
succeed without errors. |
Description | Allows you to enter a description (up to
512 characters) to help other administrators understand what changes
you made. The System log for a commit event will truncate
descriptions longer than 512 characters. |
Commit | Starts the commit or, if other commits are
pending, adds your commit to the commit queue. |
