Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating Policy Analysis Report Definitions

    Use the Reports page to create policy analysis report definitions. Policy analysis reports help you to analyze the firewall rule base for policies managed by Security Director. These reports also identify the firewall rules that contain issues.

    Before You Begin

    Configuring Policy Analysis Report Definitions

    To configure a policy analysis report definition:

    1. Select Reports > Report Definitions.
    2. Click Create and then select Policy Analysis Report Definition.
    3. Complete the configuration according to the guidelines provided in the Table 1.
    4. Click Preview as PDF to review the configuration.
    5. Click OK to save the report definition.
    6. Click Send Report Now to send the report through e‐mail to the recipient immediately.

    A new policy analysis report definition with the defined configurations is created. You can use the created policy definition to identify the issues with the firewall rules.

    Table 1: Policy Analysis Report Definition Settings

    Settings

    Guidelines

    General Information

    Report Name

    Enter a unique name for the report definition that is a string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 29 characters.

    Description

    Enter a description for the report definition; maximum length is 1024 characters.

    Content

    Anomalies

    Select the anomaly type that you want to include in the report:

    • Shadowed—Select this option to identify any shadowed rules. A rule is shadowed when all the packets of a previous rule match with the current rule. By selecting this option, the shadowed rules are not evaluated.
    • Redundant—Select this option to identify redundant or duplicate rules. A redundant rule performs the same action on the same packets as another rule. The security policy is not affected by removing the redundant rules.
    • Unused Rules—Select this option to identify any unused rules. A rule is considered unused if it has not been used in the last 90 days.
    • Expired Scheduler—Select this option to identify rules with an expired schedule.
    • Logging Disabled—Select this option to identify rules that have predefined policy profile with all the logging functionality disabled.

    Note: By default the report is generated for all types of anomalies.

    Firewall Policy

    Select the firewall policy filter to be added either by searching for the filter name or selecting the policy name from the All Devices Policy list.

    Schedule

    Add Schedule

    Click Add Schedule.

    Select the type of report schedule that you want to use:

    • Run now—Select this option to schedule and publish the configuration at the current time.
    • Schedule at a later time–Select this option if you want to schedule and publish the configuration at a later time.

    Select the recurring schedule for report generation. The available options are:

    • Repeat—Select this option to generate the report on an hourly, daily, weekly, monthly, or yearly basis.
    • Every—Select the number of days, weeks, or months for which the recurring report will be generated.
    • Ends—Select the end date and end time for the report.

    Email

    Email Recipients

    Click Add Email Recipients

    • Recipients—Enter or select the e‐mail addresses of the recipients. By default, you can search by first name and select registered users. You can also type in external email addresses.
    • Subject—Enter the subject for the e‐mail notification.
    • Comment—Enter the comments for the e‐mail notification.

    Note: The reports are not sent if a specified recipient does not have permission for a device or domain included in the report configuration when the report is generated.

    Modified: 2016-11-09