This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Flowcharting rules

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Flowcharting rules

BobW
L4 Transporter

‎03-09-2013 08:04 AM

It sounds as if my situation is a bit different than most as from what I gather most people do not use the scheduling feature of the firewall.  I am at a pre-K-12 boarding school with dorm students, dorm parents, etc. which means I use the scheduling piece in almost every rule!   As part of this I am struggling a bit of following the logic of my rule set (I pity the person who takes this it over of I leave!).

I am curious if anyone has been using some sort of third party mind mapping/flow charting software to draw out the logic of their rules?  I am not a big fan of Visio.

OR

Do people use the PA on it's own and just keep adding to it without mapping it out?

Thanks

Bob

1 person had this problem.
Labels:
0 Likes Likes
10 REPLIES 10

BCH
Not applicable

‎03-09-2013 10:44 AM

PA on its own with rule comments, or a "simple" Excel spreadsheet with a couple macros and bonus fields :smileysilly:

0 Likes Likes

craymond
L4 Transporter

‎03-11-2013 08:09 AM

That is one area that the PAs are really lacking. There are no visualization tools like Cisco ASAs and Netscalers, and no grouping of rules based on zones or policy type like the MS ISA. It also does not even have a numbering column, which is very strange!  It would be nice to see some of these introduced. We use the TAG field and the description field to try to keep track of things. There is also an API to export all of the rules to an excel spreadsheet which might be a help.

The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries.

craymond
L4 Transporter

‎03-11-2013 09:02 AM

Here is the link to the user DOC on importing to Excel:

Here is the DOC on using the REST API for more info: -

The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries.

mharding
L4 Transporter

‎03-12-2013 03:27 PM

For my sanity, I group the rules by zone. But, that was back when you could sort the rules by zone easily back in PAN-OS 2.0. :smileysilly: I'm starting to use the tags as we've grown to 500+ rules.

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks