Show Shadow Rules 2021 Post

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Show Shadow Rules 2021 Post

L4 Transporter

Hello -

I saw a post about this from 2012 and the answer was basically no.


Well, it's been nine years now and I'm hoping there is a way to view shadow rules without doing a commit.


L5 Sessionator

I'm not sure within the NGFW GUI itself beyond policy optimizer (which I know isn't going to fulfill the exact thing you asked about), but I know for a fact expedition is able to show shadow rules and merge them. You can filter based off common fields, click analyze, and review the criteria you wish to replace/standardize. 


So if you have 2 rules, one that is source dest port 443 and the second rule src dest, 443 expedition will merge it into 1 rule and then you are able to remove the criteria you don't want to keep. 


So in that way you can export the current config, clean it up in expedition, and then import it back in. 

Help the community! Add tags and mark solutions please.
  • 1 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!