3 Replies Latest reply on Feb 23, 2015 10:10 AM by squidikus

    Delete element?

    totti10

      Hi all,

       

      I'm really annoying with delete an element in Mcafee NGFW. When i delete a object, it's referenced by another object and another object is referenced by other object, too. So it's not easy to delete a object. I also try to delete a situation, which is in another context, so i have to remove that context to delete that situation. But the problem is, SMC does not allow a situation with blank context--> so how to delete that situation?? It's so annoying.

      Just wonder why doesn't mcafee make this deletion simpler?

      Are there any easier way to force delete these things?

       

      Thanks and Regards!

        • 1. Re: Delete element?

          If you consider, for example, removing a host element, the references are to your benefit, since they indicate which configurations will probably break without that host element. Some elements with a lot of references may be laborious to delete but it's probably not every day that security engine elements are deleted, for example.

           

          However, to delete a situation, you should not need to delete a context. Rather the other way around; though contexts are system elements that cannot be deleted. So that sounds like an issue if it is indeed happening as you described.

          • 2. Re: Delete element?
            totti10

            I understand the benefit, but it's really annoying. Especially, in case that it's keeping referenced by another objects, and we have to delete or remove these objects in sequence. Why doesn't mcafee just promt user: this object is using in this rule, are you sure to remove... and then remove that object.

            • 3. Re: Delete element?
              squidikus

              I understand your frustration.

              However if you have a simple rule set then deletion of a referenced object would be ok, to some degree as you have less places to really look at for potential error. But lets say you have a rule set with 200+ rules and you delete an object with 70 references. You may end up having 70 rules which have a blank source or destination or situation, which the firewall/firewalls will now have an issue trying to process rules with null or incomplete references, and if the firewall did by chance happen to apply the new rule set, then you have 70 rules that have some misconfiguration or 70 rules to remove, which you would have removed anyway during the search for potential references. A positive side of the references is that you will learn you rule set better by knowing how it is all linked together.