Firewall rule sections can be locked while making modifications, to prevent multiple users from simultaneously making changes to the same sections.

Firewall rule sections can be locked to prevent multiple users from simultaneously modifying the same section. The Enterprise Administrator can view and override all locks.

Security Administrator, Security Engineer and Enterprise Administrator user roles are able to lock and unlock their sections. Enterprise Administrator user roles have override capability - to unlock a section locked by any user of any role. Enterprise Administrators are also able to unlock other Enterprise Administrators. For more on user roles see Managing User Rights.

Locked firewall sections cannot:
  • Be merged with another section by another user.
  • Have new rules added by another user.
  • Be deleted by another user.
  • Have rules dragged and dropped into them by another user.


  1. In the vSphere Web Client, navigate to Networking & Security > Security > Firewall.
  2. To unlock a section, do one of the following:
    • Click the section lock icon, and then click UNLOCK. The section now displays an unlocked lock icon to indicate that it is unlocked.
    • The number of locked sections is displayed above the firewall rule table. To view all locked sections, click the hyperlinked number next to Locked. To find the sections locked by you, filter rules by your name. Select the rule you want to unlock and click UNLOCK.