Convert Rules That See the Most Traffic
Expand all | Collapse all
Convert Rules That See the Most Traffic
Convert legacy port-based security policy rules that
have seen the largest amount of traffic in bytes over the past 30
days to application-based rules.
Sorting for rules that have seen the most
traffic over the past 30 days (
Traffic (Bytes, 30 days)
)
shows you the current most active rules. (A longer time frame places
can mislead you by emphasizing older rules that remain at the top
of the list because they have large cumulative totals, even if they
no longer see much traffic.) Converting these rules to App-ID based
rules safeguards the largest amount of traffic for your effort.
If
multiple rules see a lot of traffic, use the information to
help prioritize which rules to convert first. For example, you could
prioritize rules with the most
Apps Seen
(potentially
the riskiest rules) or rules the with most
Days with
No New Apps
and the oldest
Modified
date
(the most stable high-traffic rules).
In , sort the rules
in descending order by
Traffic (Bytes, 30 days)
to
place the most recently active rules at the top of the list.
Select a rule to begin converting and click the number
of
Apps Seen
.
In the
Applications & Usage
dialog,
sort and filter the
Apps Seen
on the rule
to determine how to handle the applications.
Sort or filter by application subcategory to group applications
that may require similar treatment and can be controlled in one
application-based rule. Sort on
Traffic (30 days)
to
see the amount of recent traffic on individual applications to prioritize
the currently most active applications.