11-05-2010 11:40 AM
I can put in a feature request but I figure it's also worth asking here as maybe this is just something I'd find useful, maybe it isn't..
Are there any plans to allow colour coding of policies?
Even on our small scale PA-500 I find it quite difficult to quickly distinguish between inbound and outbound policies if I'm looking at the full list - being able to assign a colour would be great IMO.
From some screenshots I believe Panorama does something along these lines (not used it) with rules that are inherited on the box, it shows a green "fill" over some rules which is the sort of thing I'm referring to.
Thanks.
11-05-2010 12:07 PM
There will be a Tag column added to the security rule. A Tag is just a name - so you could have one rule with multiple Tags. For example DMZ, Server, Green, In - could all be Tags (Names) you add into the tag column. You can then filter the view on any one or more of the tags. So it is like being able to associate multiple rule names to one rule. This is really handy, since you may want to look at all the incoming rules, then the DMZ rules - but there is overlap here. The multiple tags allow for overlap and you can get the view required.
Does that help make it a little clearer?
Thanks
James
11-05-2010 11:55 AM
Hi Again 
Yes you can achieve filtering today via the rule name - so if you use a naming convention like rule1_DMZ_in. then you can search on any part - "in", "DMZ". This will allow you different views.
In the next release, we will offer rule tagging as well - which will allow you to filter the rule base on this and any other item you require, like an object or IP.
Thanks
James
11-05-2010 11:58 AM
Thanks James, I tend to use naming conventions and to an extent they work, I just think something like being able to tag a rule as green/orange/red/whatever would be a cool way of (for me) really quickly distinguishing rule flow.
Curious what you mean by tagging as I've read it a few times and still can't visualize what you mean?
11-05-2010 12:07 PM
There will be a Tag column added to the security rule. A Tag is just a name - so you could have one rule with multiple Tags. For example DMZ, Server, Green, In - could all be Tags (Names) you add into the tag column. You can then filter the view on any one or more of the tags. So it is like being able to associate multiple rule names to one rule. This is really handy, since you may want to look at all the incoming rules, then the DMZ rules - but there is overlap here. The multiple tags allow for overlap and you can get the view required.
Does that help make it a little clearer?
Thanks
James
11-05-2010 12:11 PM
Oh yeah cool I'm with you now, so as you said you could tag all your rules that are DMZ or "in" or "out" and do queries on that - sounds a useful feature
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
