We are newish to Palo Alto, and always working remote ( I’m based in a NOC ), other vendors have the feature were its possible to commit a config and if this is not confirmed after a period of time, the config rolls back. I cannot tell you the peace of mind this gives us that in the worst case scenario we will not find ourselves locked out of a customer with the site down. Its really slows us down not of have this, and is major negative for Palo Alto. I’m sure it must be relatively simple for developers to implement. On that subject are there any recommended self traffic polices that I can put at the top of the rulebase to ensure we can never lock our our SSH or WEB sessions to the device itself. Simon
... View more