Policy Analytics in Micro Edge Policies
Overview
ETM Dashboard provides the ability to analyze existing Policies and check for unused or duplicate rules, conditions, objects, and other situations that can cause issues. If problems are found, the Policy Analyzer will make a recommendation for correcting the issue.
Analyzing Policies
This tool is displayed as a table on the main Micro Edge Policies page. The table displays information about any issues detected:
- Issue details the problem: an unused object, misconfigured rule, and so forth
- Severity indicates how likely the problem is to cause difficulties in operation
- Recommendation details our suggestion for resolving the issue
- Date Created shows the date the issue itself first occurred; typically, this will match the creation date & time of the misconfigured or unused rule
- Actions provides two buttons:
- Review opens the configuration pane for the rule or object in question, enabling you to edit it directly
- Ignore for now will remove the ignored entry from the results table
Running the analyzer
The analyzer is run on-demand by clicking the Analyze button at the top right-hand corner of the pane. It does not run automatically.
Issues detected by the analyzer
The following are potential issues which the analyzer will detect.
- Rules that are not being used in any policy
- Objects that are not being used in any condition or object groups
- Object groups that are not used in any conditions
- Conditions and condition groups that are not being used in any rule or policy
- Validate first-packet conditions - conditions which will not trigger on first-packet scans, meaning rules based on these conditions may not operate reliably
- Duplicate rules
- Duplicate conditions
- Duplicate objects (not object groups)
- Duplicate groups
- For all duplicated items: when found, the ones that have the newest creation date are marked as duplicates and recommended to be deleted
- Policies unused by any appliance
- Appliances with no assigned policies
- Templates unused by any policy
Have more questions? Submit a request
Comments
0 comments
Please sign in to leave a comment.