Hey everyone. I had a quick question about what could be a good practice when a person is performing a change on a firewall and all of sudden things do not go the way they were planned and the engineer decided to take a step back and put the configuration as it was. In this question, I am taking Palo alto firewalls as an example. After discussing it with the team, I found two opinions, some argue (and they are the most) that restoring from a backup could not always be successful and go smoothly and there is a risk that you might affect the configuration on all devices managed by Panorama, and therefore they suggest to remove the objects, rules, etc you created and then make a commit on that device. Other people say it is much easier to restore from a backup taken before the change than having to delete objects, nat rules, etc. I was hoping to see your thoughts on which do you feel could be more appropriate especially for a MSSP who is following the change management process and try to ensure there is minimal impact or risk to the clients managed devices when such cases occur.
No comments:
Post a Comment