We are newish to Palo Alto, and always working remote ( I’m based in a NOC ), other vendors have the feature were its possible to commit a config and if this is not confirmed after a period of time, the config rolls back. I cannot tell you the peace of mind this gives us that in the worst case scenario we will not find ourselves locked out of a customer with the site down. Its really slows us down not of have this, and is major negative for Palo Alto. I’m sure it must be relatively simple for developers to implement.
On that subject are there any recommended self traffic polices that I can put at the top of the rulebase to ensure we can never lock our our SSH or WEB sessions to the device itself.
There is already a popular feature request for this feature. FR ID is 204. You can also ask your SE to vote for this feature.
Policies depend on the type of self traffic you are receiving, you can segregate the policies on the basis of management traffic, routing protocol traffic and VPN traffic
Hope it helps !
Feature requests at Palo Alto are handled by the Sales team. They have a database and assign a number to each request (FR204 in this case, tells you how long ago this hit the db). Customers then tell their sales engineer which features they want to "vote" for. These user vote counts are then taken into consideration during the road map process at PA.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!