Create a Post
Showing results for 
Search instead for 
Did you mean: 

Referenced object removal


We've always been able to remove object that were still in rule. If it was the last object we were getting a warning saying that this is the last object and it will be changed to "Any". Since the update to R80.10 T203 we aren't able anymore to remove those object without removing it first from each rule were it is present.

I've check with my teammate here and they all agree, it was working before the update.

Is it supposed to work, should we be able to remove it when it's in a rule, or we are mixed up?





0 Kudos
3 Replies

You can't do that in R80.X at least from Dashboard.

Maybe using mgmt_cli to delete the objects and ignore warnings, personally I never tried. Test in lab environment first.

MGMT API Delete host 


0 Kudos

As deleting the last object in the cell of a rule can potentially have disastrous consequences from a policy enforcement perspective, this is blocked in R80+ SmartConsole by design.
0 Kudos

In the past, deleting last object, turned it to any ... but it was changed because customers pointed the true fact that its the opposite intent of the security...

you had rule matching for xyz and now you will have rule matching any.

its unlikely that this is what you want to see... so in fact if this is the last object in rule, you probably want to delete the rule and not to change it to match for any

you can also create a dynamic object of devnull that will be empty and replace the object with that object... but why do you want rules that will never match

You are welcome to propose other reasons or scenarios to allow you to do something different. 


0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events