Creating Policy Analysis Report Definitions
Use the Reports page to create policy analysis report
definitions. Policy analysis reports help you to analyze the firewall
rule base for policies managed by Security Director. These reports
also identify the firewall rules that contain issues.
Before You Begin
Configuring Policy Analysis Report Definitions
Procedure
To configure a policy analysis report definition:
- Select Reports > Report Definitions.
- Click Create and then select Policy Analysis
Report Definition.
- Complete the configuration according to the guidelines
provided in the Table 274.
- Click OK to save the report definition.
- Click Preview as PDF to review the configuration.
- Click Send Report Now to send the report through
e‐mail to the recipient immediately.
A new policy analysis report definition with the defined configurations
is created. You can use the created policy definition to identify
the issues with the firewall rules.
Table 274: Policy
Analysis Report Definition Settings
Settings | Guidelines |
|---|
General Information |
Report Name | Enter a unique name for the report definition that is
a string of alphanumeric characters, colons, periods, dashes, and
underscores. No spaces are allowed and the maximum length is 29 characters. |
Description | Enter a description for the report definition; maximum
length is 1024 characters. |
Content |
Anomalies | Select the anomaly type that you want to include in the
report: - Shadowed—Select this option to identify any shadowed
rules. A rule is shadowed when all the packets of a previous rule
match with the current rule. By selecting this option, the shadowed
rules are not evaluated.
- Redundant—Select this option to identify redundant
or duplicate rules. A redundant rule performs the same action on the
same packets as another rule. The security policy is not affected
by removing the redundant rules.
- Expired Scheduler—Select this option to identify
rules with an expired schedule.
- Logging Disabled—Select this option to identify
rules that have predefined policy profile with all the logging functionality
disabled.
- Unused Rules—Select this option to identify any
unused rules.
Note:
By default the report is generated for all types of anomalies. |
TimeSpan for unused rules | Select time period for which you want to generate the
report for unused rules. Default value is Last day. Note:
This field is displayed only when you select Unused Rules
option for Anomalies. |
Firewall Policy | Select the firewall policy filter to be added either
by searching for the filter name or selecting the policy name from
the All Devices Policy list. |
Schedule |
Add Schedule | Click Add Schedule. Select the type of report schedule that you want to use: - Run now—Select this option to schedule and publish
the configuration at the current time.
- Schedule at a later time–Select this option if you
want to schedule and publish the configuration at a later time.
Select the recurring schedule for report generation. The available
options are: - Repeat—Select this option to generate the report
on an hourly, daily, weekly, monthly, or yearly basis.
- Every—Select the number of days, weeks, or months
for which the recurring report will be generated.
- Ends—Select the end date and end time for the report.
|
Email |
Email Recipients | Click Add Email Recipients - Recipients—Enter or select the e‐mail addresses
of the recipients. By default, you can search by first name and select
registered users. You can also type in external email addresses.
- Subject—Enter the subject for the e‐mail notification.
- Comment—Enter the comments for the e‐mail notification.
Note:
The reports are not sent if a specified recipient does
not have permission for a device or domain included in the report
configuration when the report is generated. |
Related Documentation
Help us to improve. Rate this article.
Feedback Received. Thank You!