Re: Disable rule with 0 hits is safe?

marcio.tormente · ‎10-19-2017

Hello guys!

I have a firewall with more tham 1500 rules and a lot of then have 0 hits.

I would like to clean the configuration, but I'm noob with firewall and i don´t know if is safe to delete all rules thar there is no hits?

Thanks

Marcio

akumarka · ‎10-19-2017

no its not safe . hits shows traffic flow .. 0 hits does not means they don't need that access .
it just means no traffic as of now.

marcio.tormente · ‎10-19-2017

Hello Akumarka,

How can I make sure that one rule is not in use to be deleted?

Thanks

akumarka · ‎10-19-2017

u can clean multiple entry .for example
if u have supersubnet for specific smaller subnet than u can cleanup smaller subnets .only if rule are same

akumarka · ‎10-19-2017

if u changed subnets for site or access changed , you want to restrict some specific subnets then you can clean up unwanted the rules .

mainly rules are already there for specific reason , unless you know the reason for rules don't modify

marcio.tormente · ‎10-19-2017

Is there any whay to know if one rule is in use or not?

akumarka · ‎10-19-2017

check source subnets , destination subnets ,ports , access details as per rules , if subnets are still valid definitely it is in use