Identify Rules to Improve

Determine the Security policy rules you need to tighten to improve security using using the Best Practice Assessment tool.
After you identify a gap in security policy capability adoption, use the
Adoption Heatmap
Rule Detail
view to list rules that require further investigation or remediation. Configure
Local Filters
to match the gap identification criteria you developed when you identified gaps in adoption. This results in rule lists you can export and hand off to the operational team in charge of firewall Security policy.
For example, to create a Rule Detail filter to identify rules that allow all traffic and don’t have a Vulnerability Protection profile configured:
  1. From the Adoption Heatmap menu, select
    Rule Detail
    to view the Rule Details page.
  2. Click
    Local Filters
    to view the filter options and then select the following filters:
    • Source Zone =
    • Destination Zone =
    • Source Address Configured =
    • Destination Address Configured =
    • Action =
    • Rule Enabled =
    • Vulnerability On =
  3. Click
    Apply Filters
    The BPA lists the rules that match the filters:
  4. To export the filtered rule list to a .csv file, click
    Export Data

Recommended For You