Firewall Policy Fine Tuning - Rule Optimization Reports


    The Policy Fine Tuning sub-section in Firewall Analyzer Rule Management > Rule Optimization sub-tab lists all the overly permissive firewall rules.  

    This feature helps to fine tune allowed rules of firewall. The result is derived by learning syslog data for selected time period.

    In this section, the allowed rules are listed as drop down list. Select the allowed rule from drop down to fine tune.

    The configuration of the existing selected rules is displyed in the Existing Rule table. The details are Source, Destination, Service, and Action.

    • Source - Existing source objects in the rule.
    • Destionation - Existing destination objects in the rule.
    • Services - Existing service objects in the rule.
    • Action - Existing permission actions of the rule.

    Click Fine Tune button. This will display the Fine-tuned Rule table and Details of Fine Tuning table.

    Fine-tuned Rule table shows suggested value for source, destination and service to fine tune the selected rule.

    • Source - The suggested fine tuned source objects of the rule.
    • Destionation - The suggested fine tuned destination objects of the rule.
    • Services - The suggested fine tuned service objects of the rule.

    Details of Fine Tuning table shows existing configured, used and unused objects of the rule for specific time period.

    • The Existing Configured column of the tabe lists the existing source, destination, and service.
    • The Used Objects column of the tabe lists the source, destination, and service objects.
    • The Unused Objects column of the tabe lists the  source, destination, and service objects.

    Click on the objects to view the details of the objects.

    Click on the specific Used object. You can view the log report in which the used object is available.

    Note: This feature is not supported for Cisco devices.

    Refer the Rule Management Report Support page, for the list of firewall devices.

    I