The Policy Overview Report in Firewall Analyzer gives you a high-level summary of all firewall policies (rules) configured on your firewall devices.
This report provides an organized snapshot of:
Note: Firewall Analyzer now includes an Exclude Rule feature, enabling users to omit specific rules from Rule Management and Compliance Reports.
This is the complete list of all rules and policies on your firewall device. For example, if your firewall has 50 rules created, this report shows all 50, with no filtering.
These are the rules that permit network traffic. This view shows which traffic is allowed to pass through your firewall and helps identify open paths into your network.
These rules block or reject traffic. This view is useful for checking which traffic is intentionally being stopped for security reasons.
Rules that control incoming traffic from outside into your network (e.g., from the internet to an internal server). This view helps you see what kind of external traffic is allowed or denied access into your network.
Rules that control outgoing traffic from inside your network to outside (e.g., users browsing the web). This view is useful for seeing which internal users or devices can access external resources.
These are rules that exist in your firewall but are currently turned off or disabled. Reviewing them helps you clean up unused rules and avoid confusion or misconfiguration.
These rules are not generating logs, even if traffic matches them. This can be a blind spot: without logs, you can't see whether the rule is being used or abused.
These are risky rules that allow traffic from any source to any destination, often without restriction. They are a major security concern because such rules are often used temporarily and then forgotten. Firewall Analyzer helps you find them.
These rules allow traffic for any protocol or service (e.g., HTTP, FTP, SSH), without limiting what kind of traffic can go through. As with “ANY to ANY” rules, this is dangerous if left open: such a rule is too permissive and can be exploited.
Bidirectional rules refer to firewall policies or rules that allow traffic in both directions between two network zones or entities. When configuring firewall rules, each rule typically allows traffic from a specific source to a destination, using certain network and service objects.
This setup means that:
Although the direction of communication is different, both rules together enable full two-way communication between A and B.
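The following is an added example, not Firewall Analyzer code or its classification logic: a vendor-neutral Python audit that sorts a constructed rule list into several of the categories described above, including mirrored (bidirectional) rule pairs. The rule fields, category keys, sample rules, and the choice to pair rules on mirrored source and destination alone are all assumptions.

```python
# Added example: rule fields and sample rules are constructed, not a real export format.
from collections import namedtuple

Rule = namedtuple("Rule", "name src dst service action enabled log")
ANY = "any"

# Constructed sample rule base (hypothetical rule names and zones).
RULES = [
    Rule("web-in",     "any", "dmz-web", "https",  "allow", True,  True),
    Rule("temp-debug", "any", "any",     "any",    "allow", True,  False),
    Rule("lan-to-db",  "lan", "db",      "any",    "allow", True,  True),
    Rule("db-to-lan",  "db",  "lan",     "any",    "allow", True,  True),
    Rule("old-ftp",    "lan", "any",     "ftp",    "allow", False, True),
    Rule("block-tel",  "any", "any",     "telnet", "deny",  True,  True),
]

def classify(rules):
    """Sort rules into report-style categories; returns rule names per category."""
    report = {k: [] for k in ("allowed", "denied", "inactive", "logging_disabled",
                              "any_to_any", "any_service", "bidirectional")}
    for r in rules:
        report["allowed" if r.action == "allow" else "denied"].append(r.name)
        if not r.enabled:
            report["inactive"].append(r.name)
        if not r.log:
            report["logging_disabled"].append(r.name)
        # Over-permissive checks apply only to rules that permit traffic.
        if r.action == "allow":
            if r.src == ANY and r.dst == ANY:
                report["any_to_any"].append(r.name)
            if r.service == ANY:
                report["any_service"].append(r.name)
    # Bidirectional: two enabled allow rules with mirrored source and destination
    # (assumption: service objects are not compared).
    active = [r for r in rules if r.enabled and r.action == "allow"]
    for i, a in enumerate(active):
        for b in active[i + 1:]:
            if a.src != a.dst and (a.src, a.dst) == (b.dst, b.src):
                report["bidirectional"].append((a.name, b.name))
    return report

if __name__ == "__main__":
    for category, names in classify(RULES).items():
        print(f"{category:17} {names}")
```

A rule such as `temp-debug`, which lands in the any-to-any, any-service and logging-disabled categories at once, is the kind of entry to review first.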
The Object Details view shows which network and service objects are used in each rule.
Network Address Translation (NAT) rules define how internal IPs are translated to public/external IPs (and vice versa).
Firewall Analyzer displays NAT rules that may influence how traffic flows between A and B. Bidirectional rules may also involve bidirectional NAT, where both source and destination addresses are translated in both directions.