Rule Usage Filtering Actions

Take immediate action when filtering rules according to usage when you leverage the policy optimizer.
PAN-OS 10.0 enables you to delete, disable, enable, and tag policy rules directly from the policy optimizer. For example, you can filter for unused rules and then tag them for review to determine whether they can be safely deleted or kept in the rulebase. By enabling administrators to take action directly from the policy optimizer, you reduce the management overhead required to further assist in simplifying your rule lifecycle management and ensure that your firewalls are not over-provisioned.
  1. Select
    Policies
    and View Policy Rule Usage to filter for unused rules.
  2. Select one or more unused policy rules from the policy optimizer. Administrators can perform the following actions:
    • Delete
      —Delete one or more selected policy rules.
    • Enable
      —Enable one or more selected policy rules when disabled.
    • Disable
      —Disable one or more selected policy rules.
    • Tag
      —Apply one or more group tags to one or more selected policy rules. The group tag must already exist in order to tag policy rule.
    • Untag
      —Remove one or more group tags from one or more selected policy rules.
  3. Commit
    your changes.

Recommended For You