Optimize Your Configuration (Cloud Management)

Prisma Access makes it easy to clean up and streamline your security policy based on usage data and auto-generated recommendations.
Objects that aren’t referenced in policy and rules without any traffic hits can clog up performance and complicate policy management — Prisma Access identifies these for you so you can clean them up.
Prisma Access also identifies overly permissive rules. These rules ntroduce security gaps because they allow applications that you’re not using in your network.
Go to the
Overview
dashboard to see what you can optimize (
Manage
Service Setup
Overview
Optimize
).
Here you can start cleaning up:
  • Overly Permissive Rules
    — These are rules that allow
    any
    application. Learn more about converting overly permissive rules into specific rules.
  • Unused Objects
    —These are objects that have not been referenced in policy in the past six months.
  • Zero Hit Policy Rules
    —These are policy rules that have not had any hits in the past six months.
  • Zero Hit Policy Objects
    —These are objects your security policy is referencing, but in at least one rule, the objects aren’t matching against traffic. Prisma Access shows you only the rules where the object isn’t getting any hits, so you can remove it from these rules where it’s not effectively enforcing traffic.

Recommended For You