Policy Analytics in Micro Edge Policies

Overview

ETM Dashboard provides the ability to analyze existing Policies and check for unused or duplicate rules, conditions, objects, and other situations that can cause issues. If problems are found, the Policy Analyzer will make a recommendation for correcting the issue.

policy analytics.png

 

Analyzing Policies

This tool is displayed as a table on the main Micro Edge Policies page. The table displays information about any issues detected:

  • Issue details the problem: an unused object, misconfigured rule, and so forth
  • Severity indicates how likely the problem is to cause difficulties in operation
  • Recommendation details our suggestion for resolving the issue
  • Date Created shows the date the issue itself first occurred; typically, this will match the creation date & time of the misconfigured or unused rule
  • Actions provides two buttons:
    • Review opens the configuration pane for the rule or object in question, enabling you to edit it directly
    • Ignore for now will remove the ignored entry from the results table

Running the analyzer

The analyzer is run on-demand by clicking the Analyze button at the top right-hand corner of the pane. It does not run automatically.

 

Issues detected by the analyzer

The following are potential issues which the analyzer will detect.

  • Rules that are not being used in any policy
  • Objects that are not being used in any condition or object groups
  • Object groups that are not used in any conditions
  • Conditions and condition groups that are not being used in any rule or policy
  • Validate first-packet conditions - conditions which will not trigger on first-packet scans, meaning rules based on these conditions may not operate reliably
  • Duplicate rules
  • Duplicate conditions
  • Duplicate objects (not object groups)
  • Duplicate groups
    • For all duplicated items: when found, the ones that have the newest creation date are marked as duplicates and recommended to be deleted
  • Policies unused by any appliance
  • Appliances with no assigned policies
  • Templates unused by any policy
Follow
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk