This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
DotW: Autolock
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Blogs
- DotW: Autolock
reaper
Cyber Elite
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report This Content
12-06-2017
05:15 AM
In a team where multiple admins are responsible for the same systems, one always needs to coordinate config changes to prevent someone from pushing out or committing a change while someone else is still making changes, potentially committing an invalid or horribly wrong configuration.
To help prevent these kinds of conflicts, two kinds of locks are available to administrators: Commit Locks and Config Locks
As the name implies, a Commit Lock will prevent other admins from committing anything to the firewall until the lock has been released. This lock can be configured to be automatically acquired as soon as one administrator makes a change:
The lock will now first need to be cleared by the first administrator committing his configuration or relinquishing his lock to the second admin.
A lock can also be set manually, by clicking the little lock icon in the upper right-hand corner and selecting the type of lock:
While the Commit Lock prevents other administrators from committing their changes, but still allows them to edit the configuration, a Config Lock prevents all other administrators from making changes to the Candidate Config. You can also add a short description of what you are doing to notify other administrators of your activities:
Anyone trying to change the configuration will be greeted by this error message:
When needed, a lock can be removed by the administrator who acquired the lock, or a superuser.
This blurb is based on a discussiojn I had with @jdprovine the other day where the recommendation had been made to enable automatic Commit Lock, but the functionality had not been explained. I hope this blog post helps other admins make their life a little easier and safe from stepping on each others' toes 🙂
The original discussion can be followed here: autolock
Reaper out!
Labels:
3 Comments
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
About the Author
I drink and I know things
Labels
-
10.0
1 -
10.1
1 -
10.2
2 -
2 factor authentication
1 -
2020
1 -
2fa
1 -
3.0
1 -
30DaysCloud
5 -
5G
9 -
7000
2 -
7000 series
1 -
9.0
1 -
ACC
2 -
addressgroups
1 -
ADEM
1 -
admin
1 -
admin roles
2 -
administration
10 -
Administrator Profile
1 -
Adobe Acrobat
1 -
AdTacking
1 -
Advanced Threat Mitigation
1 -
Advanced URL Filtering
6 -
Agent
1 -
Agentless
1 -
agentless user id
1 -
AIOps
9 -
AIOps for NGFW
4 -
AIOps NGFW
6 -
ALERTS
1 -
Alibaba
1 -
Alibaba Cloud
3 -
AMA
7 -
Analytics
3 -
Announcement
2 -
Aperture
3 -
API
6 -
API Security
1 -
App-ID
14 -
App-Portal
1 -
application
1 -
Application Framework
4 -
Application Override
1 -
applications
2 -
apps
1 -
Apps Threats Content Update
1 -
Ask Me Anything
3 -
Asset Detail View
1 -
Asset inventory
1 -
ATP
1 -
Authentication
2 -
Authentication Sequence
1 -
autofocus
10 -
autofocus threat
1 -
Automation
1 -
Autonomous
2 -
Autonomous DEM
3 -
Autonomous Digital Experience Management
2 -
AWS
20 -
Azure
14 -
Beacon
11 -
Best Practice
2 -
Best Practice Assessment
4 -
Best Practices
6 -
Blog
1 -
Books
1 -
BPA
7 -
BPAPlus
1 -
Bridgecrew
2 -
Canon
1 -
CASB
1 -
Case Creation
4 -
case management
1 -
Cases
1 -
categories
3 -
CDSS
5 -
certificate
1 -
Certificates
1 -
Certification
2 -
Certifications
3 -
Certifications & Exams
3 -
Checkov
1 -
ci cd
1 -
Cisco ACI
2 -
CLI
2 -
CLI Command
2 -
CLI Reference Guide
1 -
cloud
48 -
cloud code security
1 -
Cloud Identity Engine
5 -
cloud managed prisma access
2 -
Cloud NGFW
3 -
Cloud NGFW for AWS
7 -
Cloud Security
12 -
cloud service
3 -
Cloud Services Portal
3 -
CloudBlade
2 -
CloudBlades
4 -
cloudgenix
4 -
CloudSecured
1 -
CN-Series
21 -
CNAME Cloaking
1 -
Code Security
1 -
Code Security module
1 -
Commit Process
1 -
community
122 -
Community Experience Refresh
1 -
community feedback
1 -
Community Guidance
2 -
community news
11 -
Community Team
1 -
company and culture
2 -
Compatibility
1 -
Compatibility View
1 -
Compute Edition
3 -
Configuration
20 -
Configuration and Management
5 -
consulting
1 -
Container
1 -
Containers
1 -
Content Updates
1 -
Content-ID
1 -
Cortex
46 -
Cortex Data Lake
10 -
Cortex XDR
49 -
Cortex XDR 2.0 Features
2 -
Cortex XDR 2.2 Features
1 -
Cortex XDR 2.3
1 -
Cortex XDR 2.4 Features
1 -
Cortex XDR 2.5 Features
1 -
Cortex XDR 2.6 Features
1 -
Cortex XDR 2.7 Features
1 -
Cortex XDR 2.9 Features
1 -
Cortex XDR 3.0 Features
1 -
Cortex XDR 3.1
1 -
Cortex XDR 7.4 Features
1 -
Cortex XDR 7.5 Features
1 -
Cortex XDR Agent
3 -
Cortex XDR Agent 7.3 features
1 -
Cortex XDR Features
1 -
Cortex Xpanse
7 -
Cortex XSIAM
1 -
Cortex XSOAR
41 -
Cortex XSOAR Webinar
1 -
COVID-19
2 -
credits
1 -
csp
12 -
CSP outage
1 -
custom report
2 -
custom reports
2 -
Custom Signatures
1 -
Customer Experience
2 -
Customer Help
2 -
Customer Journey
1 -
Customer News
4 -
Customer Success
15 -
Customer Support Portal
5 -
Customer Support Resources
1 -
CVE-2021-1675
1 -
CVE-2022-22963
1 -
CVE-2022-22965
1 -
CWPP
1 -
CX Day
3 -
CXDay2020
1 -
cyber elite
21 -
Cyber Elite Program
26 -
cyberelite
17 -
cybersecurity
11 -
Cybersecurity Academy
1 -
Data Center
1 -
data lake
1 -
Data Loss Prevention
6 -
Data Loss Prevention 7000
1 -
data pattern
1 -
Data Security
1 -
dataplane
1 -
DDoS
1 -
Debug
4 -
Decryption
5 -
Dependency
1 -
Deployment
1 -
Detection and Response
1 -
dev_ops
1 -
Developers
1 -
device management
1 -
DevSecOps
1 -
Discovery
1 -
discussion
2 -
discussions
1 -
DLP
5 -
dns
8 -
DNS Security
12 -
DoS Protection
1 -
dotw
8 -
Download
1 -
Drift Detection
1 -
Dynamic Updates
1 -
Dynamic Updates - Antivirus
1 -
EDL
3 -
edu
1 -
EDU-114
1 -
Education
17 -
Education Services
10 -
Educational Services
7 -
ela
1 -
email notification
1 -
Email Notifications
1 -
End of life
1 -
Endpoint
8 -
Endpoint Security Manager (ESM)
2 -
Enterprise
1 -
EOL
1 -
Error Message
1 -
Event
2 -
Events
74 -
Exams
1 -
Expedition
3 -
Expert Program
1 -
FAQ
1 -
feature request
1 -
FeatureRequest
2 -
Features
4 -
File Blocking
1 -
Filtering
2 -
filters
1 -
Firewall
87 -
Flow Logs
1 -
fuel
5 -
Fuel User Group
11 -
Fundamentals
1 -
gateway
1 -
gateway selection
1 -
gcp
6 -
Getting Started
1 -
Github
1 -
Global
1 -
Global Protect
1 -
GlobalProtect
45 -
GlobalProtect 5.0
3 -
GlobalProtect App
2 -
GlobalProtect Cloud Service
2 -
GlobalProtect HIP check
1 -
GlobalProtect Portal
1 -
GlobalProtect-COVID19
24 -
GlobalProtect-Resources
19 -
google
1 -
Google Chrome extension
1 -
google cloud platform
3 -
GP
3 -
GPCS
1 -
Grateful
1 -
Grayware
2 -
Guidance and Guidelines
2 -
ha
1 -
Happy Holidays
1 -
Hardening
1 -
Hardware
3 -
High Availability
1 -
HIP
1 -
HIP Check
1 -
How to
8 -
How-to
3 -
how_to
2 -
HTTP
1 -
hub
6 -
Hybrid Cloud
3 -
Hyper Scale
1 -
IAC
3 -
ICS
1 -
Identity
1 -
ignite
4 -
Ignite '22
2 -
Ignite 2021
8 -
Ignite 2022
13 -
Ignite 21
1 -
Ignite 22
4 -
Ignite conference
2 -
ignite2019
3 -
Ignite2020
8 -
Ignite21
5 -
IGNITEQ&A
1 -
initial configuration
1 -
Interactive Event
2 -
Interactive Events
1 -
Internet of Things
1 -
Investigation
1 -
IoMT
3 -
ION
1 -
IoT
18 -
IoT Security
29 -
IPSec
2 -
IPv6
1 -
Iron Skillet
1 -
IronSkillet
1 -
Kubernetes
4 -
LatinxHeritage
1 -
LatinxHeritageMonth
4 -
Learning
3 -
Learning Center
1 -
license
1 -
License Keys
1 -
licenses
2 -
licensing
1 -
live community
3 -
Live Community Help
4 -
livecommunity
10 -
log forwarding
5 -
Log Forwarding and Alerting
1 -
log retention period
1 -
Log Settings
1 -
Log4Shell
1 -
Logging
7 -
logging service
3 -
logging_services
1 -
login
1 -
LogJam
1 -
Logs
1 -
Mac OS X
1 -
machine learning
7 -
MacOS
2 -
Magnifier
1 -
Malware
4 -
Manage Drift
1 -
managed services
1 -
Management
30 -
Management & Administration
2 -
Mapping
3 -
MDR
1 -
MFA
3 -
micro-credentialing
1 -
Microsoft 365
1 -
Migration
3 -
Migration Tool
2 -
minemeld
2 -
Misconfiguration
1 -
ML-Powered NGFW
5 -
Mobile Workforce
1 -
Monthly Release
1 -
MSP
3 -
MSSP partners
1 -
multi factor authentication
1 -
Multi-Category URL Filtering
2 -
multi-factor authentication
1 -
multi-vsys
1 -
Nebula
2 -
Network
1 -
Network Exposure
1 -
Network Perimeter
2 -
network security
36 -
Network Security Management
1 -
Networking
1 -
New Features
8 -
News
3 -
Next-Generation Firewall
13 -
Next-Generation Firewall. NGFW
3 -
Next-Generation Firewalls
1 -
NGFW
53 -
NGFW Configuration
25 -
notifications
1 -
NOVA
1 -
NPI
1 -
NSX
2 -
NSX-T
2 -
nutanix
1 -
OCI
3 -
office 365
1 -
Okta
1 -
on demand
2 -
Oracle Cloud
2 -
Oracle Cloud Infrastructure
5 -
OT
1 -
Out of Band WAAS
1 -
PA Firewall
1 -
PA-220R
1 -
PA-7000 Series Firewall
1 -
Palo Alto Networks
1 -
PAN-OS
75 -
PAN-OS 10.0
4 -
PAN-OS 10.1
4 -
PAN-OS 10.2
2 -
PAN-OS 11.0
1 -
PAN-OS 9.0
7 -
PAN-OS 9.1
2 -
PANCast
1 -
Panorama
35 -
Panorama Configuration
5 -
panorama_csr
1 -
PANOS-9.0
2 -
Parked
1 -
Path Visibility
1 -
PCCET
2 -
PCCSA
3 -
PCNSA
4 -
PCNSE
9 -
PDF summary report
1 -
Phishing
1 -
plugin
3 -
policies
1 -
policy
2 -
Postman
1 -
Pre-Logon
1 -
PrintNightmare
1 -
prisma
23 -
Prisma "cloud code security" (CCS) module
2 -
Prisma Access
42 -
Prisma Access 2.0
1 -
Prisma Access 2.0 Upgrade
1 -
prisma access app
1 -
Prisma Access Cloud Management
3 -
prisma access insights
2 -
Prisma Access MSP
4 -
Prisma Cloud
19 -
Prisma Cloud Code Security
1 -
Prisma Cloud Compute Edition
2 -
Prisma Cloud Data Security
1 -
Prisma Cloud Enterprise Edition
1 -
Prisma Coud
1 -
Prisma SaaS
5 -
Prisma SASE
4 -
prisma SD-WAN
15 -
PrismaAccess
2 -
PrismaAccess-COVID19
11 -
prismaaccessinsights
2 -
Privacy Data Sheets
1 -
Private Cloud
4 -
Professional Services
2 -
Proxy
1 -
Proxy Avoidance
2 -
Public Cloud
2 -
Query Builder
1 -
Questionable
1 -
Quickplay Solutions
2 -
Release Notes
5 -
Release-Notes
3 -
Remediation
1 -
Remote Code Execution
1 -
Remote location
1 -
Remote Networks
2 -
report group
1 -
reporting and logging
2 -
Reports
3 -
Resource Explorer
1 -
Resources
4 -
RQL
2 -
RSA
1 -
Rule
1 -
saas
6 -
Saas Security
5 -
SAML
2 -
SASE
12 -
SCADA
1 -
scanning
1 -
SD-WAN
13 -
Second Watch
1 -
Secure Input
1 -
secureinput
1 -
Security
9 -
Security Advisory
1 -
Security Operations
1 -
security policy
5 -
security profile
1 -
Security Profiles
2 -
security Service
2 -
Service Provider
1 -
Services
3 -
session
1 -
Setup & Administration
2 -
Shift-Left
2 -
SIEM
1 -
Skillets
3 -
Smart NIC
1 -
smb
1 -
SNMP Monitoring
1 -
Social Media
1 -
Software
1 -
Software Composition Analysis
1 -
SolarStorm
1 -
SolarWinds
1 -
Spark User Summit Event
1 -
Split Tunneling
1 -
Spring Framework
1 -
SpringShell
1 -
SSL
1 -
SSL Decryption
5 -
SSL Forward Proxy
1 -
strata
5 -
Strata Firewall
2 -
Subscriptions
1 -
SUNBURST
1 -
Supply Chain Security
1 -
Support
26 -
Support Guidance
1 -
support portal
1 -
Symphony
1 -
Symphony 2023
1 -
TCP
1 -
Technologies
3 -
Terraform
3 -
Thankful 2020
1 -
Thanksgiving
1 -
Threat
29 -
Threat Detection
2 -
Threat Intelligence Management
3 -
threat log
1 -
Threat Management
4 -
threat prevention
7 -
Threat Prevention License
1 -
threat protection
1 -
Threat Vulnerability Advisory
1 -
Threats
2 -
Tips & Tricks
6 -
tls
1 -
TMS
4 -
Tools
3 -
Training
1 -
Traps
8 -
Traps Agent
8 -
Traps Management Service
4 -
Troubleshooting
8 -
Tutorial
13 -
Unified Asset Inventory
1 -
unit 42
20 -
unit42
6 -
upgrade
3 -
url categories
2 -
URL Filtering
12 -
URL Filtering (PAN-DB)
3 -
URL-Filtering
1 -
User Context
1 -
User-ID
8 -
User-ID & Authentication
1 -
User-ID mapping
2 -
userid
2 -
users
1 -
Veteran Training
3 -
Veterans Day
1 -
Video
8 -
Videos
4 -
VIP
1 -
Virtualization
7 -
VirusTotal
1 -
VM
1 -
VM-Series
56 -
VM-Series on AWS
4 -
VM-Series on Azure
3 -
VMware
1 -
VPN
2 -
Vsys
1 -
Vulnerability
16 -
Vulnerability Protection
3 -
WAAS
2 -
Web Application & API Security
1 -
webcast
1 -
Webinar
6 -
Wildcard DNS Abuse
1 -
WildFire
15 -
Wildfire API
1 -
Women's Equality Day
1 -
XDR
1 -
Xpanse
2 -
XSIAM
1 -
XSOAR
8 -
Year in Review
1 -
Yor
1 -
YouTube
3 -
Zero Trust
11 -
Zero Trust Network
2 -
Zero Trust Network Security
9 -
Zone Protection
1 -
ztna
1
- Previous
- Next
Top Liked Posts
| Subject | Likes |
|---|---|
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks