Cleaning up rules

Highlighted
L1 Bithead

Cleaning up rules

So, I, like a number of people, converted from Cisco to PAN.  We had a consultant in to help with the conversion, and he was assisting with the rule cleanup.  However, a) a lot of rules came straight across as it was time-critical, so they are service based, and b) I have trouble wrapping my head around app-based policies.  Is there a tool that can help with converting all of my port/protocol based rules to app policies?  Something like the conversion tool, but for use post-cutover as opposed to during the conversion?

I just had to dump a list of policies for an auditor, and realized that we should be cleaning up so that humans that aren't us have a chance of reading/understanding these.

;-)

Thanks!

Rich

L4 Transporter

Re: Cleaning up rules

The new Migration Tool Version 3 can support you in cleaning up the rules and implement App-ID. You can import PANW config, not only other vendor´s configs.

L4 Transporter

Re: Cleaning up rules

Hi

Where I can download Migration Tool Version 3 - I try in Software Updates - but I can't find it there.

Regards

Slawek

L5 Sessionator

Re: Cleaning up rules

L4 Transporter

Re: Cleaning up rules

Thx

Regards

Slawek

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!