Manage: Config Cleanup
Identify and remove unused configuration objects and policy rules.
Where Can I Use This?
  • Prisma Access
    (with Strata Cloud Manager or Panorama configuration management)
  • NGFWs
    (with Strata Cloud Manager or Panorama configuration management)
What Do I Need?
  • At least one of these licenses is needed to manage your configuration with Strata Cloud Manager; for unified management of NGFWs and Prisma Access, you'll need both:
    • AIOps for NGFW Premium license (use the Strata Cloud Manager app)
  • (for VM-Series software NGFWs)
→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.
Use Config Cleanup to identify and remove unused configuration objects and policy rules from your Strata Cloud Manager configuration. Removing unused configuration objects eases firewall administration by removing clutter and preserving only the configuration objects that are required for security enforcement.
  1. Log in to Strata Cloud Manager.
  2. Select Manage > Security Posture > Config Cleanup.
  3. Select the unused objects and policy rules across your entire Strata Cloud Manager configuration for the last 6 months.
    • Policy Rules to Optimize—Click to review overly permissive policy rules and convert them to more specific, focused rules that allow only the applications you’re actually using.
    • Unused Objects (Past 6 Months)—All configuration objects that went unused in any configuration or policy rule in the past 6 months.
    • Zero Hit Objects (Past 6 Months)—Policy rules that contain configuration objects which receive zero hits in that policy rule.
      Configuration objects listed here have received zero hits only in the policy rules that they’re associated with. They might still receive hits in the other policy rules they’re used in.
    • Zero Hit Rules (Past 6 Months)—All policy rules that have had zero traffic matches in the past 6 months.
  4. Apply additional filters to target specific unused objects and policy rules.
    Add New Filter is supported for Unused Objects (Past 6 Months) and Zero Hit Policy Rules (Past 6 Months).
    • Unused Objects (Past 6 Months)—You can filter and Delete unused objects based on:
      • Name—Search for and select a specific configuration object name.
      • Location—Configuration scope in which the configuration object was created.
      • Object Type—Configuration object type.
      • Days Unused—The number of days the configuration object went unused.
        • < 50—Less than 50 days unused.
        • >= 50, <=100—Between 50 and 100 days unused.
        • > 100—More than 100 days unused.
    • Zero Hit Policy Rules (Past 6 Months)—You can filter and Enable, Disable, or Delete zero hit policy rules based on the Name, Days with Zero Hits, or any of the Source and Destination data.