F5 Firewall Solutions > Advanced Multi-Layer Firewall Protection > Module 2: AFM Packet Tester, Flow Inspector, Stale Rule Lab Source | Edit on
Stale Rule Report¶
AFM also can list out stale rules within the device its self. You must first enable the feature. To enable, navigate to Security >Reporting > Settings > Report Settings. You will then need to check “Collect Stale Rules Statistics” found under the Network Firewall Rules Section. Please be sure to click “Save” before proceeding.
Once enabled, navigate to Security >Reporting > Network > Stale Rules. Feel free to refresh the web page we’ve been testing with (http://10.1.20.11) to see data populate into the rules.
Note
It could take 60+ seconds for data to populate
This information is quite useful for keeping a rule base tidy and optimized.
Anyone can create a firewall rule, but who is the person that removes the unneccesary ones?
Take a few minutes to inspect the other reports. Only the Enforced Rules will contain data
Navigation Security > Reporting > Network
Note
This concludes the Agility 2020 Advanced Multilayer Firewall Protection Lab.