Exclude Criteria Filter to Monitor Firewall Device Configuration


    Firewall Analyzer offers another value added feature to filter out device configuration changes from monitoring. While generating change report between any two configuration versions, there might be requirements to exclude certain specific lines or text of configuration. For example, lines containing Cryptochecksum information, speed token, NTP clock-period should be ignored when the difference is considered. While Firewall Analyzer itself takes care of excluding information like the ones above, you can specify exclude criteria based on specific needs. Once the criteria is specified, Firewall Analyzer will exclude the lines matching the specified criteria for all devices belonging to which the exclude criteria template is created and applied. To cutail this, Firewall Analyzer offers Exclude Criteria filter. This will exclude the configurations with the selected criteria to be filtered out from monitoring.

    The procedures to manage and create the Exclude Criteria are given below.

    How to manage Exclude Criteria

    • Click the Settings > Firewall > Firewall Server > Exclude Criteria link and the Exclude Criteria list page opens up.
    • In the Exclude Criteria list page, you will find Add link. Below the links, the Exclude Criteria templates are listed.
    • To edit the template click on the Exclude Criteria template
    • To delete the Exclude Criteria template, select the check box of the template, and click Delete icon on right top corner.

     The Template table contains the following columns.

    Columns Description
    Template Name Name of the Exclude Criteria template
    Device Type Name of the devices the exclude criteria template is applied
    Status Enable/Disable - Toggle the slider to enable or disable the Exclude Criteria template

    How to add Exclude Criteria 

    • Click the Exclude Criteria link, on the top right side of the Compliance page and the Exclude Criteria list page opens up.
    • In the Exclude Criteria list page, click Add link and the Add Criteria page opens up.
    • In the Exclude Criteria section, enter values or select options.
    • Enter a name for the exclude criteria template in the Template Name field.
    • Select the devices, which you want to assign/re-assign to the selected criteria template. All the available devices are listed in the Available Device(s) list. Select the devices and click right arrow. The selected devices are moved to the Selected Device(s) list. If you want to remove any device from the Selected Device(s) list, select the devices and click left arrow. The removed devices will be moved back to the Available Device(s) list.
    • In the Criteria field, select the 'contains or starts with' condition from the drop down list and enter the value to filter in the text box besides. Click the Add icon to add more filter criteria. In the additional criteria field, there will be an additional logic operator to relate the additional filter criteria, select the 'and or or' condition from the drop down list. You can use regular expressions while specifying the Exclude Criteria. For example, if you wish to exclude the lines containing the text "logging" followed by an IP address, you may specify the criteria as logging.* Click the Delete icon to delete additional filter criteria.
    • Click Save button to add the new template or click Cancel button to cancel this operation.

     How to use 'Exclude Criteria' while generating configuration change management reports?

    While generating configuration difference between any two configuration file versions, there might be requirements to exclude certain specific lines or text. For example, lines containing Cryptochecksum information, speed token, NTP clock-period should be ignored while taking the difference. While Firewall Analyzer takes care of excluding information like the ones above, users can specify exclude criteria based on specific needs. Once the criteria is specified, Firewall Analyzer will exclude the lines matching the specified criteria for all devices belonging to the device template for which the exclude criteria is created.

    You may make use of Regular Expressions while specifying the Exclude Criteria. For instance, if you wish to exclude the lines containing the text "logging" followed by an IP address, you may specify the criteria as 'logging.*'