On This Page
Rule Decommission Field
This topic is intended for SecureChange workflow owners, who are responsible for creating and maintaining workflows. |
When you configure workflow steps, the rule decommission
In a Rule Decommission workflow, when multiple tasks are opened on the same step by Dynamic Assignment, no changes can be made to the rules or objects within the rules, and all tools (such as Designer and provisioning) are disabled for the handlers, even if the same handler is configured for all the tasks in the step.
Topology and Auto Close are not available for workflows that include the rule decommission field.
General
- Read-only - The handler of this step can view the contents but not edit values of the field.
Show
-
Designer tool - Lets the handler of the step use the Designer tool, which gives more precise recommendations for how to change a rulebase by using topology information and current rulebase data in SecureTrack. In the properties of the step, you can set the Designer to run as an auto step for supported devices. You cannot enable the Designer tool for the first step of a workflow.
For each step that you enable the Designer tool, you can allow the handler to either:
- Allow all: Allows design, update, and commit by Designer.
- Allow design and update only: View the Designer recommendations for policy updates and then provision the Designer recommendations by saving the policy updates to devices. (For devices where Provisioning is supported)
- Allow commit only: Commit the current policy from the management device onto associated child firewall devices. (For management devices where Committing Changes is supported)
- Verifier tool - Lets the handler of the step use the Verifier tool, which shows the handler whether the request patterns in the field are implemented in actual device policies. In the properties of the step, you can set the Verifier to run as an auto step.