Vichu_94
Staff
Article Id 222790

 

Description This article describes how to configure scheduled expiration of a firewall policy.
Scope FortiGate.
Solution

This feature allows a firewall policy to be scheduled to expire after a set period, for example when the policy is only needed for a special event on the network.

To configure firewall policy expiration in the GUI, the feature must first be enabled in Feature Visibility.

  1. Go to System -> Feature Visibility.
  2. Enable Workflow Management.

 

Screenshot 2025-04-10 190341.png


Next, go to Policy & Objects -> Firewall and select 'Create New' to create the firewall policy.
After the required source and destination interface/IP address are configured, a Workflow Management section is shown with a Policy expiration setting that offers two options: Default and Specify.

 

Vichu_94_0-1662212992895.png


By default, the policy expires in 30 days, whereas Specify allows the date and time of the expiration to be set.

 

Vichu_94_1-1662213123386.png

 

To configure the same on the CLI, use the commands below.

 

config firewall policy
    edit <Policy ID>
        set policy-expiry enable
        set policy-expiry-date 2022-10-03 15:45:12
    next
end


The date and time format to be followed on the CLI is YYYY-MM-DD HH:MM:SS.
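The following Python script is an added example, not part of the original article or of Fortinet's tooling. It reads policy blocks in the layout of the CLI snippet above and reports, per policy ID, whether expiry is unset, left at the default, active, already expired, or set with a date that does not follow YYYY-MM-DD HH:MM:SS. The sample configuration, policy IDs and names are constructed, and the comparison assumes the supplied time is on the same clock as the FortiGate.

```python
import re
from datetime import datetime

# Constructed sample in the layout of the CLI block above (IDs and names are made up).
SAMPLE_CONFIG = """\
config firewall policy
    edit 10
        set name "event-guest-wifi"
        set policy-expiry enable
        set policy-expiry-date 2022-10-03 15:45:12
    next
    edit 11
        set name "permanent-dns"
    next
    edit 12
        set policy-expiry enable
        set policy-expiry-date 2022-13-01 10:00
    next
end
"""

EXPIRY_FORMAT = "%Y-%m-%d %H:%M:%S"  # YYYY-MM-DD HH:MM:SS

def parse_policies(config_text):
    """Return {policy_id: {setting: value}} for each 'edit <id>' block."""
    policies, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"edit (\d+)", line):
            current = policies.setdefault(int(m.group(1)), {})
        elif line in ("next", "end"):
            current = None
        elif current is not None and (m := re.fullmatch(r"set (\S+) (.+)", line)):
            current[m.group(1)] = m.group(2).strip('"')
    return policies

def classify(settings, now):
    if settings.get("policy-expiry") != "enable":
        return "no-expiry"       # policy never expires on its own
    if "policy-expiry-date" not in settings:
        return "default-expiry"  # no explicit date in the text; the article's 30-day default applies
    try:
        expires = datetime.strptime(settings["policy-expiry-date"], EXPIRY_FORMAT)
    except ValueError:
        return "invalid-date"    # not in YYYY-MM-DD HH:MM:SS
    return "expired" if expires <= now else "active"

def audit_expiry(config_text, now):
    return {pid: classify(s, now) for pid, s in parse_policies(config_text).items()}
```

Calling `audit_expiry(text, datetime.now())` on saved policy configuration text gives a quick list of temporary policies that are past their date and permanent policies that have no expiry at all.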

 

Once the policy is added, a log entry will be generated under the System Event Logs, as shown below:
Logs & Report -> System Event logs -> General Event logs:

 

image (7).png
When a policy reaches its expiration time, a warning icon appears next to the policy name, as shown below:


image 9.jpg
Related document:
Add Policy change summary and Policy expiration to Workflow Management