Manage a large firewall policy

Created: 05 Mar 2012 | Updated: 06 Mar 2012 | 1 comment

Boman

1 Agree

0 Disagree

Status: In Review

Hello,

I struggling with a very large firewall policy in SEP applied to many clients in a big organization.

I would like the possibility to see how often an individual firewall rule is being used.

This will make my life much simpler and I can keep the amount of rules to a minimum for best performance.

One suggested solution would be have a new "logging" alternative. Instead of "write to traffic log" or "write to packet log" there could be an option to "write to usage log".
This should not log more than when being used and a date/time stamp.

Today when enabling "write to traffic log" or "write to packet log" on to many rules or a rule which is used very frequent, you may end up with a lot of data being written to the sequel database which is not necessary.

Idea Filed Under:

Security, Endpoint Protection (AntiVirus) - 11.x, Endpoint Protection (AntiVirus) - 12.x, Endpoint Protection (AntiVirus), Configuring, Performance, In Review

Login or register to post comments
Comments RSS Feed

Comments 1 Comment • Jump to latest comment

Elisha Symantec Employee Accredited Certified

Manage a large firewall policy - Comment:06 Mar 2012 : Link

You can query the database to see how many time each rule is triggered. It would be a manual SQL query, but it would tell you the count for each rule that got triggered.

Manage a large firewall policy

Comments 1 Comment • Jump to latest comment

Would you like to reply?

Links