Creating Policy Analysis Report Definitions
Use the Reports page to create policy analysis report definitions. Policy analysis reports help you to analyze the firewall rule base for policies managed by Security Director. These reports also identify the firewall rules that contain issues.
Before You Begin
Read the Reports Overview topic.
Review the Reports main page for an understanding of your current data set. See Report Definition Main Page Fields for field descriptions.
Configuring Policy Analysis Report Definitions
To configure a policy analysis report definition:
- Select Reports > Report Definitions.
- Click Create and then select Policy Analysis Report Definition.
- Complete the configuration according to the guidelines provided in the Table 1.
- Click OK to save the report definition.
- Click Preview as PDF to review the configuration.
- Click Send Report Now to send the report through e‐mail to the recipient immediately.
A new policy analysis report definition with the defined configurations is created. You can use the created policy definition to identify the issues with the firewall rules.
Table 1: Policy Analysis Report Definition Settings
Enter a unique name for the report definition that is a string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 29 characters.
Enter a description for the report definition; maximum length is 1024 characters.
Select the anomaly type that you want to include in the report:
Note: By default the report is generated for all types of anomalies.
TimeSpan for unused rules
Select time period for which you want to generate the report for unused rules. Default value is Last day.
Note: This field is displayed only when you select Unused Rules option for Anomalies.
Select the firewall policy filter to be added either by searching for the filter name or selecting the policy name from the All Devices Policy list.
Click Add Schedule.
Select the type of report schedule that you want to use:
Select the recurring schedule for report generation. The available options are:
Click Add Email Recipients
Note: The reports are not sent if a specified recipient does not have permission for a device or domain included in the report configuration when the report is generated.