Filter rule usage to identify and delete unused rules
to improve your Security posture.
Over-provisioned access on the firewall can
be exploited by attacks so administrators need to periodically check
for outdated and unused rules. View policy rule usage to
simplify your rule lifecycle management to find and delete unused
rules to maintain an up-to-date rulebase and improve your Security
posture. In PAN-OS 9.0, Rule Usage Filtering enables you to quickly
filter the selected rulebase according to rule usage data as well
as additional rule data (such as Created and Modified dates) within
a customizable time frame.
and navigate to
the Policy Rulebase Settings to verify that
and then select
the policy rulebase to filter.
In the Policy Optimizer dialog, view the
Filter rules in the selected rulebase.
want to filter on or specify a
Select the rule
on which to
) If you have reset the rule usage
data for any rules, check for
Exclude rules reset during
the last _ days
and decide when to exclude a rule based
on the number of days you specify since the rule was reset. Only rules
that were reset before your specified number of days are included
in the filtered results.
) Specify search filters based on
rule datarule usage.
Hover your cursor over the column header and select
Add any additional columns you want to display or use for
Hover your cursor over the column data that you would like
to use for filtering and select
data that contains dates, select whether to filter using