The Config Cleanup feature for Panorama®-managed deployments helps address the complexity of network security configurations by automatically identifying and helping to remediate unused objects, zero-hit rules, and duplicate elements. Over time, these inefficiencies can compromise your security posture and operational efficiency.

This feature continuously analyzes your committed configurations and provides detailed insights. It calculates metrics such as the duration objects have been unused and which security rules network traffic has not triggered. Config Cleanup integrates seamlessly into your existing Panorama management workflow. You can review the analysis results, select problematic objects or rules for remediation, and directly push the necessary changes to your Panorama candidate configuration, thus maintaining a clean and secure network environment.