Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
FitzFort
New Contributor

Created on ‎11-04-2021 12:21 PM

Disabling policies

Hi, quick query just looking to disable some policies in my test lab

 

What is the best practice with Fortigate to disable before fully deleting policies?

4668
0 Kudos
1 Solution
Toshi_Esumi
SuperUser
SuperUser

Created on ‎11-04-2021 12:45 PM

Are you asking about the purpose of disabling policy? It might be used when you want/need to temporarily remove the policy from the policy lookup process. Maybe for debugging, or maybe it's not quite ready to be deployed for whatever the reason is. If don't foresee any chance to re-enable it, I would delete it instead.

View solution in original post

4089
0 Kudos
5 REPLIES 5
Toshi_Esumi
SuperUser
SuperUser

Created on ‎11-04-2021 12:45 PM

Are you asking about the purpose of disabling policy? It might be used when you want/need to temporarily remove the policy from the policy lookup process. Maybe for debugging, or maybe it's not quite ready to be deployed for whatever the reason is. If don't foresee any chance to re-enable it, I would delete it instead.

4090
0 Kudos
FitzFort
New Contributor
In response to Toshi_Esumi

Created on ‎11-04-2021 01:10 PM

Thanks very much I have the cookbook for it, do you have any links that show best practice, again thanks I appreciate it 

4031
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to FitzFort

Created on ‎11-04-2021 01:13 PM

I don't think any document as "best practive" for that.

4044
0 Kudos
FitzFort
New Contributor
In response to Toshi_Esumi

Created on ‎11-04-2021 03:11 PM

Thanks no worries 

4044
0 Kudos
emnoc
Esteemed Contributor III
In response to FitzFort

Created on ‎11-04-2021 03:43 PM

Yeah do not know a BCP per-se but we disable policy for pre-launch where we install them and let them sit until ready to go live same for when we tear-down policy and want a cool-down period. We might disable policyID 77 for 48hours and then delete

 

We do the same thing in my day job with junos and chkp.

 

Ken Felix

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
4044
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.