Security Policy Optimizer

  • Policies > Security > Policy Optimizer
Policies > Security > Policy Optimizer displays:
  • No App Specified—Rules that have the application set to any, so you can identify port-based rules to convert to application-based rules.
  • Unused Apps—Rules that include applications that have never matched the rule.
  • Rule Usage—Rule usage information over different periods of time, including rules not used over different periods of time.

| Field | Description |
|---|---|
| Name | The name of the Security policy rule. |
| Service | Any services associated with the Security policy rule. |
| Traffic (Bytes, 30 days) | Traffic (30 days)—The amount of traffic in bytes seen during the last 30-day period. A longer time period would result in the oldest rules remaining at the top of the list because they are likely to have the most cumulative traffic. This can result in newer rules being listed below older rules even if the newer rules see heavy traffic. |
| Apps Allowed | The applications that the rule allows. Open the Application dialog, from which you can add and delete applications on the rule. |
| Apps Seen | The number of applications seen on the rule. Click the number to open the Applications & Usage dialog, which enables you to compare the applications configured on the rule against the applications seen on the rule and to modify the applications. |
| Day with No New Apps | The number of days since the last new application was seen on the rule. |
| Compare | Opens the Applications & Usage dialog to compare the applications configured on the rule against the applications seen on the rule and modify the rule. |
| (Rule Usage) Last Hit | The most recent time that traffic matched the rule. |
| (Rule Usage) First Hit | The first time that traffic matched the rule. |
| (Rule Usage) Hit Count | The number of times that traffic matched the rule. |
| Modified | The date and time that the rule was last modified. |
| Created | The date and time that the rule was created. |
| Timeframe (Rule Usage only) | The time period (number of days) for which data is displayed. |
| Usage (Rule Usage only) | Displays: Any (all) rules on the firewall over the specified Timeframe, regardless of whether traffic matched the rules (used rules) or not (unused rules); Unused rules that traffic has not matched over the specified Timeframe; Used rules that traffic has matched over the specified Timeframe. |
| Exclude rules reset during the last xx days (Rule Usage only) | Does not display rules for which you Reset Rule Hit Counter within the specified number of days (from 1-5,000 days). For example, this enables you to examine older rules that have not matched traffic over a Timeframe while excluding newer rules that may not have had time to match traffic. |
| Reset Date (Rule Usage only) | The last date on which the rule’s hit counter was reset. |
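
The three views and the Rule Usage filters described above can be reproduced offline when auditing rule data outside the web interface. The following Python is an added example, not Palo Alto Networks code: the `Rule` record, its field names and the sample rules are hypothetical and constructed for illustration, and it assumes a rule counts as used when its last hit falls inside the Timeframe.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Optional

# Hypothetical record layout mirroring the columns described above; this is
# not a PAN-OS API or export format.
@dataclass
class Rule:
    name: str
    apps_allowed: set                      # {"any"}: no application specified
    apps_seen: set = field(default_factory=set)
    last_hit: Optional[datetime] = None    # None: traffic never matched
    reset_date: Optional[datetime] = None  # None: hit counter never reset

def no_app_specified(rules):
    """No App Specified view: port-based rules with application set to any."""
    return [r.name for r in rules if r.apps_allowed == {"any"}]

def unused_apps(rules):
    """Unused Apps view: allowed applications that never matched, per rule."""
    return {r.name: sorted(r.apps_allowed - r.apps_seen) for r in rules
            if r.apps_allowed != {"any"} and r.apps_allowed - r.apps_seen}

def rule_usage(rules, now, timeframe_days, usage="Any", exclude_reset_days=None):
    """Rule Usage view: Timeframe, Usage and exclude-recent-resets filters."""
    window_start = now - timedelta(days=timeframe_days)
    names = []
    for r in rules:
        if (exclude_reset_days is not None and r.reset_date is not None
                and r.reset_date >= now - timedelta(days=exclude_reset_days)):
            continue  # counter reset too recently to judge the rule
        used = r.last_hit is not None and r.last_hit >= window_start
        if usage == "Any" or (usage == "Used") == used:
            names.append(r.name)
    return names

# Constructed sample data, not taken from a real firewall.
NOW = datetime(2024, 6, 30)
RULES = [
    Rule("allow-web", {"any"}, {"web-browsing", "ssl"}, NOW - timedelta(days=1)),
    Rule("allow-mail", {"smtp", "imap", "pop3"}, {"smtp"}, NOW - timedelta(days=3)),
    Rule("legacy-ftp", {"ftp"}, set(), None),
    Rule("new-vpn", {"ipsec"}, set(), None, reset_date=NOW - timedelta(days=5)),
]
```

With the sample data, `new-vpn` appears as unused over 30 days until resets from the last 90 days are excluded, which leaves only `legacy-ftp` as a cleanup candidate.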