Device > Policy Recommendation > IoT
Configure and view the Policy Recommendation settings
on your firewall.
View information on the policy rule recommendations
from the IoT Security app. The policy rule recommendation uses metadata
that the firewall collects from traffic on your network to determine
what behavior to allow for the device. You can check the policy
rule recommendation version in .
Device
Dynamic Updates
Device-ID Content
Button/Field | Description |
|---|---|
Policy Import Details | View detailed information about the policy
rule recommendation, such as device group Location , rule
name , the user who imported the policy,
whether the policy rule recommendation Is Updated ,
when the policy rule recommendation was imported, and when the policy
rule recommendation was last updated. |
Device Profile | The device profile for the source device in
the policy rule recommendation. |
Source Zones | The source zones for the policy rule recommendation. |
Address | The source address for the policy rule recommendation. |
Location | The device group on Panorama where this policy rule
recommendation is available. |
Destination Device Profile | The destination device profile that the firewall allows
for the policy rule recommendation. |
Device IP | The IP address of the device that the policy
rule recommendation allows. |
FQDN | The fully qualified domain name (FQDN) that
the policy rule recommendation identifies as allowed based on typical
behavior for the device. |
Destination Zones | The destination zones that the policy rule recommendation
allows. |
Security Profiles | The security profile that the policy rule recommendation
allows. |
Services | The services (for example, ssl )
that the policy rule recommendation allows. |
URL Category | The URL filtering categories that the policy
rule recommendation allows. |
Applications | The applications that the policy rule recommendation
allows. |
Tags | The tags that identify the policy rule for
the policy rule recommendation. Do not change the tags
of the policy rule; if you change the tags, the firewall cannot
rebuild the policy mappings. |
Internal Device | Identifies whether the device is from a zone
that is internal to your network ( Yes )
or from an external internet-facing zone (No ). |
Active Recommendation | Identifies whether this policy rule recommendation
is active and currently used in security
policy or whether you have removed it
from your security policy. |
Action | Identifies the action for this policy rule recommendation
(default is allow ). |
New Update Available | Identifies that there is a new update for this policy
rule recommendation that you must import from the IoT Security app.
When you import the policy rule recommendation update, the firewall
dynamically updates the security policy rule. If you have more than
one device group, the value remains Yes until
you import the policy rule recommendation update to all device groups. |
Import Policy | After using the IoT Security app to Activate your
policy rule recommendations, Import Policy to
import the policy rule recommendations to use in your security policy rules. |
Remove Policy Mapping | If you no longer need the policy rule recommendation
for a device, you can Remove Policy Mapping for
it. You must also delete the policy rule for the policy rule
recommendation. |
Rebuild All Mappings | If the mappings become out of sync (for example,
if you restore a previous configuration) you can Rebuild
All Mappings to restore the policy rule recommendation
mappings. |
Recommended For You
Recommended Videos
Recommended videos not found.
