>
    Manage: Policy Analyzer
    Focus
    Download PDF
    Focus
    1. Home
    2. Strata Cloud Manager
    3. Manage: Security Posture
    4. Manage: Policy Analyzer
    Download PDF
    Strata Cloud Manager

    Manage: Policy Analyzer

    Table of Contents

    Manage: Policy Analyzer

    Analyze your rulebase for anomalies and get suggestions for possible consolidation or removal of specific rules.
    Where Can I Use This?
    What Do I Need?
    • NGFW (PAN-OS or Panorama Managed)
    • VM-Series, funded with Software NGFW Credits
       (when managed using Panorama)
    • Prisma Access (Managed by Panorama)
    • AIOps for NGFW Premium license (use the Strata Cloud Manager app)
    Updates to your Security policy rules are often time-sensitive and require you to act quickly. However, you want to ensure that any update you make to your security policy rulebase meets your requirements and does not introduce errors or misconfigurations (such as changes that result in duplicate or conflicting rules).
    In order to achieve this, Policy Analyzer in
    Strata Cloud Manager
     enables you to optimize time and resources when implementing a change request. Policy Analyzer not only analyzes and provides suggestions for possible consolidation or removal of specific rules to meet your intent but also checks for anomalies, such as Shadows, Redundancies, Generalizations, Correlations and Consolidations in your rulebase.
    Use Policy Analyzer to add or optimize your Security policy rulebase.
    • Before adding a new rule
      —Check to see if new rules need to be added. Policy Analyzer recommends how best to change your existing Security policy rules to meet your requirements without adding another rule, if possible.
    • Streamline and optimize your existing rulebase
      —See where you can update your rules to minimize bloat and eliminate conflicts and also to ensure that traffic enforcement aligns with the intent of your Security policy rulebase.
    Analyze your Security policy rules both before and after you commit your changes.
    • Pre-Change Policy Analysis
      —Enables you to evaluate the impact of a new rule and analyze the intent of the new rules against the rules that already exist to recommend how to best meet the intent.
    • Post-Change Policy Analysis
      —Enables you to clean the existing rulebase by identifying Shadows, Redundancies, and other anomalies that have accumulated over time.
    See Policy Analyzer to learn more.

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.