What does "Require Tag/Description on policies" do to existing rules?

Under Device > Setup > Management > Policy Rulebase Settings you can select to enforce Require Tag on policies and Require Description on policies. This is a great feature to ensure rules are all created uniformly, but what happens if you enable it when there already are rules created?



When you enable this option, each time you create a rule, either the tag field, or the description field (or both) become mandatory fields. This means you can't click the 'OK' button on a rule if either of these fields is left empty:


Luckily, all existing rules without a description or a tag do not prevent a commit from succeeding, but will instead cause an error message to appear during a commit, informing the admin that these rules do not have the required fields filled while the commit still succeeds:



Please leave a comment if you'd like me to explain any other features

Check out my book at amazon

Reaper out


90 views2 comments

Recent Posts

See All
  • Mastering Palo Alto Networks
  • PANgurus LinkedIn

©2020 by PANgurus.