Firewalls need to be able to improve their own status automatically by adjusting rules, policies and objects automatically to be more secure by using usage data. An example: system A talks to system B on a selection of ports, all configured on the firewall. All designed and planned on human logic. After a month some ports have no traffic between the systems. The firewall should detect this and remove the unused ports from the configuration so that the rule is more secure. The same for source and destination IP addresses. If IPs or ranges show no usage after an extended period, the firewall should tighten access to used IP addresses. Obviously allow an override where it's needed. Imagine installing a firewall that gets more secure over time by removing unused ports, rules and IPs.
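An added example, not part of the original post and not any firewall product's code: a Python sketch of the pruning described above, run over flow records for one rule. The rule schema, the `keep_ports` override field and the flow records are all constructed for illustration.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed rule in a hypothetical schema; keep_ports is the operator override.
RULE = {"name": "a-to-b", "sources": ["10.0.1.0/24"],
        "destinations": ["10.0.2.10", "10.0.2.11"],
        "ports": [22, 443, 8080, 8443], "keep_ports": [22]}

NOW = datetime(2024, 6, 1)
# Constructed flow records: (time, source IP, destination IP, destination port).
FLOWS = [
    (datetime(2024, 5, 20), "10.0.1.5", "10.0.2.10", 443),
    (datetime(2024, 5, 28), "10.0.1.6", "10.0.2.10", 443),
    (datetime(2024, 5, 30), "10.0.1.5", "10.0.2.10", 8443),
    (datetime(2024, 3, 2), "10.0.1.9", "10.0.2.11", 8080),   # older than the window
    (datetime(2024, 5, 29), "10.0.9.9", "10.0.2.10", 443),   # source not covered by this rule
]

def propose_tightening(rule, flows, now, window_days=30):
    """Return a narrowed copy of rule based on flows seen inside the window."""
    cutoff = now - timedelta(days=window_days)
    src_nets = [ip_network(s) for s in rule["sources"]]
    dst_nets = [ip_network(d) for d in rule["destinations"]]
    ports, srcs, dsts = set(), set(), set()
    for ts, src, dst, port in flows:
        s, d = ip_address(src), ip_address(dst)
        # Count a flow only if it is recent and actually permitted by this rule.
        if (ts >= cutoff and port in rule["ports"]
                and any(s in n for n in src_nets)
                and any(d in n for n in dst_nets)):
            ports.add(port)
            srcs.add(s)
            dsts.add(d)
    keep = set(rule["keep_ports"]) & set(rule["ports"])
    return {
        "name": rule["name"],
        # No matching traffic at all: flag the whole rule for review.
        "unused_rule": not ports,
        "sources": [str(s) for s in sorted(srcs)],
        "destinations": [str(d) for d in sorted(dsts)],
        "ports": sorted(ports | keep),
        "removed_ports": sorted(set(rule["ports"]) - ports - keep),
    }

if __name__ == "__main__":
    print(propose_tightening(RULE, FLOWS, NOW))
```

The observation window has to be longer than the slowest legitimate traffic cycle (a quarterly job, a failover path), otherwise those ports are pruned; that is the case the override covers.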