Enforcement of Rule Description, Tag, and Audit Comment
Require that a description, tag or audit comment be entered when creating or editing a policy rule.
When you periodically review your policy rules, you need to know what each rule is intended to secure, the change history of the rule, how to tag rules so that you can organize your policy rule base, and how to locate a specific rule or set of rules. With Enforcement of Rule Description, Tag and Audit Comment, you require a description, audit comment, tag or a combination of the three, when administrators create or modify a rule in the policy rulebase. You can use this information for auditing, grouping, and change tracking for rules in your policy rule base. For uniformity, you specify what the audit comment can include.
By default, the description, tag, and audit comment enforcement settings are disabled. View the Rule Changes Archive to view the audit comment history for a selected rule.
- Log in to the firewall web interface.
- Select DeviceSetupManagement and edit the Policy Rulebase Settings.
- Configure the settings you want to enforce.
- Click OK to apply the new policy rulebase settings.
- Commit your changes.
- Verify that the firewall is enforcing the new policy
- Select Policies and Add a new rule.
- Confirm that you must add a tag and enter an audit comment before you can click OK.
Enforce Policy Rule Description, Tag, and Audit Comment
Require that a description, tag or audit comment be entered when creating or editing a policy rule. ...
Rule Changes Archive
View the audit comment history, config logs, and rule configuration changes from the Audit Comment Archive. ...
Push a Policy Rule to a Subset of Firewalls
Push a Policy Rule to a Subset of Firewalls A policy target allows you to specify the firewalls in a device group to which to ...
PAN-OS 9.0 supports Temporary Master Key Expiration Extension; Rule Changes Archive; Enforcement of Rule Description, Tag, and Audit Comment; Tag Based Rule Groups; Policy Match ...
Security Policy Security policy protects network assets from threats and disruptions and helps to optimally allocate network resources for enhancing productivity and efficiency in business ...
Policy Policies allow you to enforce rules and take action. The different types of policy rules that you can create on the firewall are: Security, ...
Audit Comment Archive
View the audit comment, configuration logs, and rule change history for a selected policy rule. ...
Create and Apply Tags
Create and Apply Tags Use tags to identify the purpose of a rule or configuration object, and help you better organize your rulebase. To ensure ...