Manage a large firewall policy
I struggling with a very large firewall policy in SEP applied to many clients in a big organization.
I would like the possibility to see how often an individual firewall rule is being used.
This will make my life much simpler and I can keep the amount of rules to a minimum for best performance.
One suggested solution would be have a new "logging" alternative. Instead of "write to traffic log" or "write to packet log" there could be an option to "write to usage log".
This should not log more than when being used and a date/time stamp.
Today when enabling "write to traffic log" or "write to packet log" on to many rules or a rule which is used very frequent, you may end up with a lot of data being written to the sequel database which is not necessary.