Stale Rule Report

AFM also can list out stale rules within the device its self. You must first enable the feature. To enable, navigate to Security >Reporting > Settings > Report Settings. You will then need to check “Collect Stale Rules Statistics” found under the Network Firewall Rules Section. Please be sure to click “Save” before proceeding.

Once enabled, navigate to Security >Reporting > Network > Stale Rules. Feel free to refresh the web page we’ve been testing with (http://10.1.20.11) to see data populate into the rules.

Note

It could take 60+ seconds for data to populate

This information is quite useful for keeping a rule base tidy and optimized.

Anyone can create a firewall rule, but who is the person that removes the unneccesary ones?

Take a few minutes to inspect the other reports. Only the Enforced Rules will contain data

Navigation Security > Reporting > Network

Note

This concludes the Agility 2020 Advanced Multilayer Firewall Protection Lab.