Enforcement of Rule Description, Tag, and Audit Comment

Require that a description, tag or audit comment be entered when creating or editing a policy rule.
When you periodically review your policy rules, you need to know what each rule is intended to secure, the change history of the rule, how to tag rules so that you can organize your policy rule base, and how to locate a specific rule or set of rules. With Enforcement of Rule Description, Tag and Audit Comment, you require a description, audit comment, tag or a combination of the three, when administrators create or modify a rule in the policy rulebase. You can use this information for auditing, grouping, and change tracking for rules in your policy rule base. For uniformity, you specify what the audit comment can include.
By default, the description, tag, and audit comment enforcement settings are disabled. View the Rule Changes Archive to view the audit comment history for a selected rule.
  1. Log in to the firewall web interface.
  2. Select DeviceSetupManagement and edit the Policy Rulebase Settings.
  3. Configure the settings you want to enforce.
  4. Click OK to apply the new policy rulebase settings.
    edit-policy-rulebase-settings.png
  5. Commit your changes.
  6. Verify that the firewall is enforcing the new policy rulebase settings.
    1. Select Policies and Add a new rule.
    2. Confirm that you must add a tag and enter an audit comment before you can click OK.
    test-rule-policy-rulebase-setting-enforcement-example.png

Related Documentation