-
Using Management Center for Firewalls 1.2
-
Preface
-
Getting Started With Firewall MC
-
Task Flow Checklists
-
Preparing the Firewall MC Environment
-
Managing Activities
-
Preparing Your Network
-
Creating an Inheritance and Grouping Strategy
-
Representing Network Assets in Firewall MC
-
Configuring Device-Level Settings
-
Configuring Routing Rules
-
Defining Your Policy Building Blocks
-
Configuring Access Rules
-
Configuring Translation Rules
-
Manually Defining Rules Using CLI Syntax
-
Generating and Verifying Configuration Files
-
Deploying Configuration Files
-
Monitoring and Reports
-
Configuring VPN Settings
-
Configuring Failover
-
Maintaining your Firewall MC Server
-
Troubleshooting
-
Understanding User Roles and Permissions
-
Index
-
Table of Contents
Managing ActivitiesUnderstanding Activities
Managing Activities With Workflow Disabled
Managing Activities With Workflow Enabled
Creating an Activity
Submitting an Activity for Review
Approving or Rejecting an Activity (Approval Process Enabled)
Opening an Existing Activity
Closing an Activity
Undoing An Activity
Error: <Device | Device Group> Is Locked by <Activity>
Error: No Changes Can Be Made Within the Open Activity, As It Has Been Submitted for Approval
Error: Invalid activity action (action). The workflow type may be changed. Please close and reopen the Firewall MC application window.
Error: Operation failed. The workflow setup might be changed. Please close and reopen the browser
Error: You must approve or discard all existing activities and deploy all existing jobs before you disable workflow
Managing Activities
You make most changes in Firewall MC using activities. Certain settings, like administrative settings, do not require an activity to modify, but firewall device settings must be changed using an activity. Activities provide an audit trail for changes, and are a convenient way to experiment with changes—you can simply discard any activities with changes you do not want to implement.
Activities are implemented in three different ways, depending on the workflow mode you choose. The following workflow modes are available:
- Workflow disabled (default)—The workflow feature is turned off, eliminating the requirement for you to define activities. Firewall MC defines activities automatically when you make configuration changes.
- Workflow enabled—The workflow feature is turned on. You must define activities to make changes, but formal approval of the activities is not required for you to deploy changes.
- Workflow with formal approval enabled—The workflow feature is turned on. You must submit an activity for approval before you can deploy changes.
When workflow is enabled, the GUI displays the Workflow tab so you can manage activities. When workflow is disabled, the GUI displays the Deployment tab. You can use the Deployment tab to view deployment status information and to deploy saved configurations to devices.
You control which of these methods to use for tracking changes. You can enable workflow with or without the formal approval process at any time; however, before you can disable workflow, you must approve or discard any open activities and deploy, cancel, or verify that all jobs are being deployed. For more information on jobs, see Managing Deployment With Workflow Enabled.
Understanding Activities
In Firewall MC, you use activities to control changes made to the firewall devices you are managing. Although the way activities are implemented depends on the workflow settings you choose, activities provide the following benefits in all workflow modes:
- Audit trail—Activities track changes that are made in Firewall MC. You can use this information to determine what changes have been made and who made the changes. For more information, see Viewing Administrative Activity Reports.
- Safety mechanism—Activities provide a means for experimenting with changes. You can make changes using an activity, and then view the configuration that results from those changes. If you do not want to implement the changes, you can discard the activity. For more information, see Undoing An Activity.
- Task isolation— When you create an activity, the firewall devices that are modified by that activity are locked from further changes. This prevents conflicting changes that may make a configuration unstable. For more information, see Understanding Locking.
Understanding Locking
The device hierarchy is the basis for the locking-model design, which ensures the integrity of the deployed configuration files. If a group within the hierarchy is locked, subgroups and devices are implicitly locked, thereby eliminating the possibility of conflicting changes being imposed on the same devices.
When you open or create an activity, the system must acquire a lock, which can be acquired only if no other activity holds a lock on the same groups or devices. Other users are locked out until the activity is approved and committed, or undone. This guarantees that when you change elements associated with a global group, no other user can read or write changes to the group that you are editing.
 |
Note When workflow is enabled, locks are related to activities. When workflow is disabled, locks are associated with users. |
Imagine a device hierarchy with a group called Global at the top level containing subgroups Fruits and Nuts. Fruits contains devices Apple and Banana. Nuts contains devices Walnut and Pecan.
The general rule is that when an activity makes changes to a device or device group in the hierarchy, that device or group and everything below that group is locked, and each enclosing group is marked so that no other activity can lock it. Making changes to the Global group locks everything in the hierarchy. Adding a group or device to an existing group is like making changes to the existing group.
Consider the following examples:
- Suppose an activity were to make changes to Walnut device settings. Nothing can be below a device, so nothing other than Walnut is locked. Walnut is enclosed by the Nuts group, which is enclosed by the Global group. Both Global and Nuts are marked to prevent other activities from locking them. Another activity can be used to make changes to Pecan, because the marks on Nuts and Global only prevent them from actually being locked.
Suppose an activity tried to make changes to the Nuts group. These changes would not be permitted, because the Nuts group has been marked, which prevents it from being locked.
- Suppose an activity were to make changes to the Fruits group. The Fruits group becomes locked. The Apple and Banana devices contained within the Fruits group are also locked. The Fruits group is enclosed by the Global group, so Global is marked to prevent any other activities from locking it. In this example, changes to the Nuts group can still be made by another activity.
Understanding Padlock Icons
After you select the scope using the Object Selector, Firewall MC displays the scope information in the Object bar. A padlock icon is placed to the left of the device or device group that is locked. The padlock is associated with the highest point in the object hierarchy that is locked. This enables you to determine if the device or device group is available for you to make configuration changes. You can also place the mouse cursor over the lock to determine who holds the lock when workflow is disabled, or which activity holds the lock when workflow is enabled.
- Red—Another user or activity holds the lock. You cannot make changes to devices or device groups until the configurations for those devices are generated and deployed, are being generated, or were discarded.
- Green—You or the current activity holds the lock. You can make changes to the devices and groups, which are locked to outside users.
Managing Activities With Workflow Disabled
When workflow is disabled (default), you do not need to define activities for tracking changes in Firewall MC. After you make configuration changes, you can deploy those configuration changes by clicking the Save and Deploy icon in the activity bar of the Devices and Configuration tabs, or you can discard the changes by clicking the Undo icon. When you click the Save and Deploy icon, new configurations are generated for any modified devices. You can then deploy the new configurations, or save them and deploy them later. For more information on deploying saved configurations, see Using the Deployment Tab.
The Deployment tab is visible only when workflow is disabled. When you enable workflow, the Deployment tab is replaced by the Workflow tab, and you manage deployments by using jobs. For more information on using jobs for deployment, see Using Job Management.
Important Notes about Using Firewall MC When Workflow Is Disabled
- You can enable workflow at any time, but to disable workflow, you must approve or discard any open activities and deploy, cancel, or verify that all jobs are being deployed before you disable the workflow feature.
- You do not need to define an activity when workflow is disabled; an activity is automatically assigned to you. To view report information, click the View Details icon in the activity bar or select Reports > Activity.
- Locks are assigned to users, not activities.
- A user acquires locks as needed.
- After you save and deploy or save a device configuration for deployment later, the lock on that device is released.
- When workflow is disabled, you cannot select the deployment method during deployment. You must specify the deployment type before deploying. To specify the deployment type for a device or group, select Configuration > MC Settings > Deployment, then click the Deployment Type radio button that corresponds with the method to use for deployment.
Using the Activity Bar
When workflow is disabled, you use the activity bar in the Devices and Configuration tabs to generate configurations for changed devices, undo changes, and view changes that were made since the last save. Table 4-1 shows the activity bar icons available when workflow is disabled.
Table 4-1 Activity Bar Icons Used When Workflow is Disabled
Managing Activities With Workflow Enabled
Many organizations benefit from having a separation of responsibility when defining, implementing, and deploying corporate firewall policies. For example, a security administrator might be responsible for defining a device configuration file, another administrator for approving the configuration file, and a network operator for deploying the resulting configuration to a device. This separation of responsibility helps maintain the integrity of deployed device configurations.
Firewall MC supports this separation of responsibility using activities and jobs, which define tasks that are accomplished by one or more people in succession.
|
Note You can set up Firewall MC to require formal approval for both activities and jobs. This approval process is disabled by default. To enable it, select Admin > Workflow Setup. |
Activities control policy changes. When you create a new activity, you are preparing a proposal to create or change firewall device configurations. An activity includes such information as devices or device groups to which configuration settings, access rules, and translation rules will be downloaded. To access the activities feature, select Workflow > Activity Management. See Using Activity Management.
 |
Tip You can also access the activities feature from the Devices and Configuration tabs by clicking the activity bar buttons at the top right of your screen. |
After an activity is approved, the corresponding configuration elements can be downloaded to several devices in the form of a job. A job identifies devices to which configuration files will be deployed. To access the jobs feature, select Workflow>Job Management. See Using Job Management.
To view the latest configuration file, select Configuration > View Config. See Viewing Configurations.
Table 4-2 is a quick-reference to help you understand how to use activity- and job-management features.
Table 4-2 Quick Reference Process Flow
|
| 1 If you are opening an activity, see Opening an Existing Activity. 2 After you initially populate Firewall MC with devices, you can skip this step if no changes to devices are needed. 3 This feature is disabled by default. To enable the review and approval feature, see Requiring a Formal Approval Phase. |
Using Activity Management
When you create a new activity, you are preparing a proposal to create or change firewall device configurations. An activity is a task that is accomplished by one or more people in succession. For example, a network administrator sets configuration parameters for a firewall device, and a system administrator approves the configuration settings. This separation of responsibility helps maintain the integrity of deployed device configurations.
Because most users manage many firewall devices within their networks, it is common practice to manage these devices in groups. The Firewall MC design is based on a navigation hierarchy to facilitate navigation to firewall device groups and devices. As a result, a single activity could affect several devices or groups; however, only one user may open the activity at any given time.
Important Notes About Activities
- The opened activity and its state are displayed in the top right corner of pages in the Devices and Configure tabs in the activity bar. This enables you to see at a glance the context within which you are working. If no activity is open, the word None is displayed.
- An activity must be opened (Edit_Open state) to allow changed device or configuration information to be saved.
- Each user can have only one activity open at a time; users are locked out of any other activity that involves an overlapping scope.
- Multiple users can work in an activity in series, but only one user can have the activity open at a time.
- An activity acquires locks as needed.
- After an activity is approved, changes in an activity cannot be undone automatically. You must create a new activity and manually change the settings back to the desired state.
- If you select an activity in the Activities table and click Undo, the activity you are working in is also closed.
Understanding Activity Actions and States
Firewall MC keeps a history of actions made with each activity, from creating an activity, to approving the activity for deployment. You also have the option of undoing all changes to an activity, which discards the activity from use. Although the Activity Management table shows only the most recent action state, you can view all actions for an activity by selecting Reports > Activity. See Viewing Administrative Activity Reports.
Figure 4-1 shows an Activity Management table with activity actions and activity state information. After a new activity is defined, it advances to the Edit_Open state in the Activity Management table. The activity name is also displayed in the activity bar at the top right of your screen when viewed from the Devices or Configure tabs. You can now begin making device or configuration changes.
While in the Edit_Open state, the activity and the devices and groups defined within the activity are locked to other users. Only the person who opened the activity can make changes.
Figure 4-1 Activity Management Table
|
| 1 Activity buttons are grayed-out depending upon the state of the activity that you select. 2 Activity buttons vary depending upon whether your formal approval process is enabled or disabled. |
An activity can have the following states, which are shown in the Activity Management table State column:
|
Note Available actions associated with an activity state might vary depending upon whether the formal approval process is enabled or disabled. |
- Edit—The activity is unlocked, but it cannot be configured within the context of another activity. You must open the activity to make changes to corresponding configuration elements. The activity can be opened or discarded while it is in the Edit state.
- Edit_Open—The activity is opened from the Edit state, or a new activity has been created that automatically results in an Edit_Open state. Configuration changes can be made to the devices and groups selected. The devices or groups being configured are locked to other users. An activity remains editable until it is submitted for approval or deleted. The activity can be closed, discarded, submitted, or approved while it is in the Edit_Open state.
- Submitted—The activity is submitted for review from the Edit_Open state. The activity is no longer editable; no further configuration changes can be made within the activity. The devices and groups selected for the activity are still locked to other activities. The activity can be discarded or rejected while it is in the Submitted state.
- Submitted_Open—The activity is opened for review from the Submitted state. The devices and groups selected for the activity are still locked to other activities. The activity can be approved or rejected while it is in the Submitted_Open state.
- Generate_Open—The activity is being submitted and the associated device configuration files are being generated for review. The activity can be canceled from the Generate_Open state.
- Reverse_Generate_Open—The activity is importing new devices. The activity can be canceled from the Reverse_Generate_Open state.
- Approved—The activity was approved by a person with approval authority from the Submitted_Open state. The corresponding configuration elements defined within the activity are now committed policy configurations. The locks are removed. The devices and groups can be used in a new activity. The activity can be discarded while it is in the Approved state. A job must be defined to deploy the activity and device configuration files to the devices.
- Rejected—The activity was rejected by a person with approval authority from the Submitted_Open state. The activity remains in the rejected state until it is reopened for editing purposes. Device groups and devices associated with the activity remain locked to other users. The activity can be discarded from the Rejected state.
- Discarded—The activity is discarded (Undo was selected) and further changes to the activity are disallowed. Device groups and devices associated with the activity are unlocked to other users. An activity can be discarded from any state. It is retained in the Activity Management table until it is purged by the system. To configure the same devices or groups, you must create another activity or add each device or group to another existing activity.
|
Note |
- If an activity is in the Edit_Open state, you can edit and save changes that you make, but only if the devices or device groups contained within that activity are not overlapping into another activity that is locked.
Creating an Activity
Creating activities to support your organization's policies is simple. You can define your activities as a succession of actions (for example, populate network, set access rules, set passwords) based on your network topology (for example, East Coast, Corporate Office, Finance, Third-party) or by defining a change in configuration settings (for example, AAA).
You then configure your network settings and submit them for review and approval (if the approval process is enabled). Ultimately, the activity takes effect through deployment jobs that download new configuration information to the selected devices.
After you define your activity, it is listed in the Activity Management table, along with its current state.
|
Note Creating an activity adds a new row to the Activity Management table and opens the activity automatically. |
Step 1 Select Workflow > Activity Management.
The Activity Management page appears.
Step 2 Click Add.
You are prompted to enter an activity name and an optional activity comment.
Step 3 Enter the information in the fields provided, then click OK.
You are returned to the Activity Management table with the new activity listed. The activity state is shown as Edit_Open. Updated information is noted in the Last Action column.
You are ready to begin the device setup or configuration settings for use for later deployment.
Activity Management Field-Level Elements and Descriptions
|
| 1 Activity buttons are grayed-out depending upon the state of the activity that you select. 2 Activity buttons vary depending upon whether your formal approval process is enabled or disabled. |
|
Note You can view a history of changes made to activities by selecting Reports > Activity Changes. |
Submitting an Activity for Review
The review and approval feature is disabled by default, but you can enable the feature if your organization requires a formal approval process. See Requiring a Formal Approval Phase.
If the approval process is disabled, the submit and approval process is a single step and the activity is approved automatically when it is submitted. If the approval process is enabled, you must submit an activity to someone in your organization for review and approval. When you submit an activity for review, it must be in the Edit or Edit_Open state. After you submit an activity for approval, a person with approval authority reviews the changes.
|
Note |
- If the formal approval process is disabled, the wizard guides you through the complete approval process.
- If the formal approval process is enabled, the wizard guides you through the submittal process. The Activity Management table action buttons are used to complete the approval process.
- The Activity Management table action buttons used to submit and approve an activity will vary depending on whether the formal approval process is enabled or disabled.
Submitting an Activity
Before You Begin
Step 1 Select Workflow > Activity Management.
The Activity Management page appears.
Step 2 In the table, find the activity to submit for approval, then do one of the following:
b. Enter the Activity Submit Comment (recommended). Enter a comment related to the submitted activity request (for example, includes changes to address translation pools for the Global scope).
b. Enter the email address of a person with approval authority in the field provided. You can enter more than one email address.
c. Enter the Activity Submit Comment (optional). Enter a comment related to the submitted activity request (for example, includes changes to address translation pools for the Global scope).
The Review Device Generation List page appears. This page provides a list of devices that are changed by the activity.
Step 3 Verify the devices listed are correct, then click Next.
The activity summary page appears.
Step 4 Verify the information is correct, then click Finish.
If any devices were changed by the activity a device status popup window opens. The window refreshes automatically every 60 seconds; however, you can click Refresh to update device status manually.
|
Tip To view the device configurations, from the popup window, select a device, then click View Config. A new window opens with the configuration file displayed. Repeat this step for each device listed. Close the window after you have viewed the configurations for each device. |
Step 5 After viewing device status information, close the device status window. This is not necessary if no devices were changed by the activity.
- If the formal approval process is disabled, you are returned to the Activity Management table with the activity state shown as Approved in the State column. Updated information is noted in the Last Action column. You can either create a new activity or create a job, which is used to deploy the approved activity and configuration files to the assigned devices. See Using Job Management.
- If the formal approval process is enabled, you are returned to the Activity Management table with the activity state shown as Generate_Open in the State column. The state column refreshes to display Submitted. Updated information is noted in the Last Action column. You can create a new activity.
|
Note Device groups and devices associated with the submitted activity remain locked until the activity is approved or discarded. |
Approving or Rejecting an Activity (Approval Process Enabled)
Only a person with approval authority can approve or reject an activity.
In a traditional environment, a creator and an approver work together to support changes made to policies. The creator submitting the activity for approval is prompted to enter the email address of the persons responsible for approving the activity. A person with approval authority can do one of the following:
- Approve the activity—The Activity Management table displays Approved in the State column. Changes are committed. The devices and device groups associated with the activity are unlocked to other users.
- Reject the activity—The Activity Management table displays Rejected in the State column. The activity can be resubmitted after changes are made, or discarded.
|
Note The review and approval feature is disabled by default, but you can enable the feature if your organization requires a formal approval process. See Requiring a Formal Approval Phase. |
Approving or Rejecting an Activity
Before You Begin
Step 1 Select Workflow > Activity Management.
The Activity Management page appears.
Step 2 In the table, find the activity to review, then click Open.
The activity state changes to Submitted_Open.
Step 3 Run an activity report () to view changes (recommended). See Viewing Administrative Activity Reports.
Step 4 View the configuration file for each device listed in the activity (recommended). To do this, select the activity, then click Status.
A popup window opens to display the generation status of all devices in the activity.
Step 5 From the popup window, select a device, then click View Config.
Step 6 Do one of the following:
You are prompted to enter an optional activity transit comment.
Step 7 Enter the optional information in the field provided, then click OK.
You are returned to the Activity Management table with Approved or Rejected displayed in the State column. Updated information is shown in the Last Action column.
Opening an Existing Activity
You can open an activity to make changes only if it is unlocked or if none of the devices and device groups overlap another activity that is locked. To verify if the activity can be opened, check the Activity Management table. If the state shown is any of the following, you will not be able to open the activity:
- Edit_Open—The activity is locked, along with related devices and device groups, and changes are being made to device configuration settings.
- Submitted or Submitted_Open—The activity is locked, along with related devices and groups, and is awaiting approval.
- Discarded—The activity has been discarded and no changes can be made.
|
Note If devices or device groups are overlapping into another activity that is locked, you receive an error message when you click Finish. |
Step 1 Select Workflow > Activity Management.
The Activity Management page appears.
Step 2 Find the activity in the table that you want to open, then click Open.
The activity state is shown as Edit_Open in the Activity Management table. Updated information is noted in the Last Action column.
You are ready to continue with device setup or configuration changes for use for later deployment. Do either of the following:
Closing an Activity
After you complete an activity, you should close it to grant access to other users. If you have permission to do so, you may close an activity that was opened by another user. Otherwise, you may close only an activity that you opened.
Step 1 Select Workflow > Activity Management.
The Activity Management page appears.
Step 2 Find the activity in the table that you want to close, then click Close.
The activity state is shown as Edit in the State column and updated information is noted in the Last Action column.
|
Note Although the activity is closed, locks remain on its associated device groups and devices. |
Undoing An Activity
You might need to discard changes to configuration settings associated with an activity. If this occurs, you can undo your changes, which returns to the previous configuration settings.
|
Note |
- You can discard (undo) an activity in any state.
Step 1 Select Workflow > Activity Management.
The Activity Management page appears.
Step 2 Find the activity in the table that you want to discard, then click Undo.
You are prompted for an optional activity transition comment.
Step 3 Enter an optional comment in the field provided, then click OK.
The activity is discarded. You are returned to the Activity Management table with the activity state shown as Discarded in the State column. Updated information is noted in the Last Action column. The activity remains listed in the table until it is purged by the system.
Understanding Activity Error and Warning Messages
Before you can make changes to a policy, you must create or open an activity. To create or open an activity, you must be an authorized user and have permission to perform this action. In addition, creating or opening an activity requires a lock.
While you are making policy changes in Firewall MC, different popup windows might appear containing error or warning messages that guide you through the activity management process. These messages vary, depending upon lock availability, whether you are authorized to perform an action, whether an activity must be created or opened first, or as a transition to the next required action within the workflow process.
Activity Error Messages
The following error messages are discussed:
- Error: No Activity Is Open
- Error: <Device | Device Group> Is Locked by <Activity>
- Error: No Changes Can Be Made Within the Open Activity, As It Has Been Submitted for Approval
- Error: Invalid activity action (action). The workflow type may be changed. Please close and reopen the Firewall MC application window.
- Error: Operation failed. The workflow setup might be changed. Please close and reopen the browser
- Error: You must approve or discard all existing activities and deploy all existing jobs before you disable workflow
Error: No Activity Is Open
This message appears if you have not created or opened an activity. You must create a new activity, or open an existing activity that can be edited to preserve the activity information in the database.
Step 1 From the error popup window, select one of the following.
Step 2 Click OK.
a. You can use the default name or assign a new name in the field provided.
b. Enter a comment in the Initial Activity Comment field.
c. Click OK. The popup window closes and you are returned to the Devices or Configuration tab with the opened activity name shown in the activity bar at the top right of your screen.
a. Select the activity using the respective radio button.
b. Click OK. The popup window closes and you are returned to the Devices or Configuration tab with the opened activity name shown by the activity bar at the top right of your screen.
You are now ready to make policy changes.
Error: <Device | Device Group> Is Locked by <Activity>
This message is used when no lock is available because a device or device group (7100-WestCoast-1) is already locked by another activity (Trouble ticket 37). The other activity must be approved or discarded to enable the device or device group to be assigned to a new activity. Click OK to close the popup window.
Error: No Changes Can Be Made Within the Open Activity, As It Has Been Submitted for Approval
This message is used when an activity (Trouble ticket 37) has already been submitted for approval and is in the submitted state. The activity cannot be modified unless it is either rejected by a person with approval authority or discarded. Click OK to close the popup window.
|
Note If the activity is approved as submitted, you must create a new activity through which to make your policy changes. |
Error: Invalid activity action (action). The workflow type may be changed. Please close and reopen the Firewall MC application window.
This message is displayed when multiple users access Firewall MC. If the workflow setting is changed by a second user while you are working in an area of Firewall MC that is not available with that setting, you might receive this message.
Close, then reopen, the browser. Firewall MC reopens and you can continue your task.
Error: Operation failed. The workflow setup might be changed. Please close and reopen the browser
This message is displayed when multiple users access Firewall MC. If workflow is disabled and a second user enables it, you might receive this message.
Close, then reopen, the browser. Firewall MC reopens with workflow enabled and you can continue your task.
Error: You must approve or discard all existing activities and deploy all existing jobs before you disable workflow
This message is displayed if you have any open activities or jobs when you try to disable workflow.
Approve or discard any open activities and deploy, cancel, or verify that all jobs are being deployed before you disable the workflow feature.
Activity Transition Warning Messages
An activity transition message appears when your action will result in closing the open activity (Edit_Open state), which returns it to the Edit state. While in the Edit state, the changes you made to that activity cannot be deployed— the activity remains a work in progress. This message prompts you to move the activity to a state other than Edit_Open (such as submitted, approved, or rejected) or to continue your action and close the open activity. Actions that generate this message include:
The set of options appearing in this message depends on two conditions:
- The states that are available based on the state you are in, which changes according to whether you require formal approval of activities. For information about activity states and actions, see Understanding Activity Actions and States.
- The action that triggered this message.
In the following figure, the activity (Trouble ticket 37) has been submitted for approval and is in the submitted state. No further changes can be made to the activity unless it is rejected or approved.
Step 1 From the warning popup window, do one of the following:
- Click the radio button that identifies the state that the activity should be moved to. The activity moves to the next state, such as submitted or approved.
- Click the radio button to proceed with the action you attempted before the popup window appeared. The activity closes, remaining in the current state, and the selected action occurs.
Step 2 Click OK to perform the selected operation.
|
Note You can also click Cancel, which closes the popup window and allows you to continue making changes to the activity. |