Remove Deleted SaaS Policy Recommendation
Focus
Focus

Remove Deleted SaaS Policy Recommendation

Table of Contents

Remove Deleted SaaS Policy Recommendation

When a SaaS Security administrator pushes Security policy rule recommendations to a PAN-OS appliance, the PAN-OS administrator can import those rules to gain visibility into and control of the applications in the policy recommendation. However, if the SaaS Security administrator deletes the rule, you should also delete that rule from the PAN-OS appliance.
When a SaaS Security administrator deletes a rule, the Active Recommendation column shows the value removed (for valid rules, the value is active).
  1. Select a rule that the SaaS Security administrator removed (you can select only one rule to remove at a time).
    The Import Policy Rule option is grayed out because the rule can no longer be imported.
  2. Click Remove Recommendation Mapping.
    This removes local mapping of the Security policy rule on the firewall. For example, mappings to locations, users, and the rule are deleted. The Remove Recommendation Mapping dialog box shows you the location of the rule so that you know from where the rule is removed.
  3. Click OK.
  4. In the Confirm Change dialog, click Yes to remove the rule from the policy recommendation database.
    This action only removes the rule from the policy recommendation rule list. It does NOT remove the rule from the Security policy rulebase. You must manually remove the rule from the rulebase.
  5. A Status dialog appears to confirm that the policy recommendation mapping has been removed, but you still need to remove the rule from the Security policy rulebase.
  6. Go to PoliciesSecurity and delete the rule from the Security policy rulebase.