Firewall rule optimization


L4 Transporter

Anyone know of any good firewall optimization software for PA? One that can review the rules and make good suggestions to improve the rule order, removal, etc.?

6 REPLIES

L3 Networker

Company called Firemon has a product that assists with this.

 

https://www.firemon.com/

I assume Firemon has a price; anyone know of an open source version as well to look at?

L3 Networker

I was in the same boat as you are; inherited about 850 lines of sec policies being migrated from another vendor's solution. My approach to clean/optimize was to enable "Highlight unused rules" and after a month I started disabling unused rules. Waited another month, documented disabled rules and scheduled rule removal. And four more weekends like that. It took me about 2 months to reduce the number of rules from 850 to 200. At the same time this exercise allowed me to get a better understanding of the infrastructure. Out of all those disabled rules, I had 10 rules that were required to be put back; some legacy traffic users were not aware of.

You might be able to use the PAN migration tool to upload the firewall config and see if any duplication is showing.
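The kind of review discussed in this thread (unused rules, duplication, rule order) can be sketched as follows. This is an added example, not part of the original posts and not the logic of any product named here. It assumes a simplified, hypothetical rule model (source CIDR, destination CIDR, destination ports, action, hit count) evaluated top-down with first match winning, and it ignores zones, applications and users.

```python
from dataclasses import dataclass
from ipaddress import ip_network

@dataclass(frozen=True)
class Rule:                  # hypothetical model, not a vendor export format
    name: str
    src: str                 # source CIDR
    dst: str                 # destination CIDR
    ports: frozenset         # destination ports; empty set means "any"
    action: str              # "allow" or "deny"
    hits: int = 0            # hit count over the observation window

def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    a_src, b_src = ip_network(a.src), ip_network(b.src)
    a_dst, b_dst = ip_network(a.dst), ip_network(b.dst)
    if a_src.version != b_src.version or a_dst.version != b_dst.version:
        return False
    ports_ok = not a.ports or (bool(b.ports) and b.ports <= a.ports)
    return b_src.subnet_of(a_src) and b_dst.subnet_of(a_dst) and ports_ok

def review(rules):
    """Walk the rulebase top-down (first match wins) and list cleanup candidates."""
    findings = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, rule):        # rule can never be the first match
                if rule.action != earlier.action:
                    kind = "shadowed"        # its intended action never takes effect
                elif covers(rule, earlier):
                    kind = "duplicate"
                else:
                    kind = "redundant"
                findings.append((rule.name, kind, earlier.name))
                break
        else:
            if rule.hits == 0:               # reachable, but no traffic seen
                findings.append((rule.name, "unused", None))
    return findings

# Constructed sample rulebase (documentation address ranges, made-up hit counts).
RULES = [
    Rule("allow-web", "10.0.0.0/8", "192.0.2.0/24", frozenset({80, 443}), "allow", 1200),
    Rule("allow-web-hr", "10.1.0.0/16", "192.0.2.10/32", frozenset({443}), "allow"),
    Rule("deny-web-lab", "10.2.0.0/16", "192.0.2.0/24", frozenset({80}), "deny"),
    Rule("allow-web-copy", "10.0.0.0/8", "192.0.2.0/24", frozenset({80, 443}), "allow"),
    Rule("allow-legacy-ftp", "10.3.0.0/16", "198.51.100.5/32", frozenset({21}), "allow"),
    Rule("allow-dns", "10.0.0.0/8", "198.51.100.53/32", frozenset({53}), "allow", 900),
]
```

A "shadowed" finding deserves the closest look, because the rule's author expected a different action than the one traffic actually receives. The other findings are candidates to disable and watch before removal, as in the post above.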

 

 

 

Well, the migration was completed a couple of months ago and I have been using the method that you mentioned, but I was also told there is software out there that would be able to do some of that work for me. So I just thought I would see what people are using and how they like it. So far the only suggestion I have had is Firemon. I am probably going to download a trial of that and see what it does, but would love more suggestions.

If you don't mind, once you download and test the software, could you post your findings?

I can try; it may not be something that can easily be posted verbatim, and it may take quite some time to complete the testing.
