Firewall Policy Usage - ASA

cph24795
Level 1

What is the best method by which to determine what policies are being used in various contexts and how much they are being used? Thinking about an auditing/cleanup process use case.


Francesco Molino
VIP Alumni

Hi

You can go with the simple way by looking at hitcounts for cleaning unused rules.

Then, the best way would be to have a syslog like ELK (or any others you prefer) to look at the traffic to tweak rules that are getting hits and restrict policies.

You can also use Cisco CLI Analyzer which will give you a clear view of what policies are used, what objects are used or not…

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
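
The hit-count approach from the reply above, as an added example that is not part of the original thread: a Python parser that reads saved `show access-list` output and lists the rules with zero hits. The sample output and the names `SAMPLE` and `unused_rules` are constructed for illustration; the script assumes expanded object-group entries are indented and share their parent's line number, and a zero count only means no hits since the counters were last cleared or the device reloaded.

```python
import re
from collections import defaultdict

# Constructed sample of ASA "show access-list" output (not from a real device).
SAMPLE = """\
access-list OUTSIDE_IN; 4 elements; name hash: 0x1a2b3c4d
access-list OUTSIDE_IN line 1 extended permit tcp any host 192.0.2.10 eq www (hitcnt=1523) 0x8a3b2c1d
access-list OUTSIDE_IN line 2 extended permit tcp any object-group WEB_SRV eq https (hitcnt=0) 0x11223344
  access-list OUTSIDE_IN line 2 extended permit tcp any host 192.0.2.11 eq https (hitcnt=0) 0x55667788
  access-list OUTSIDE_IN line 2 extended permit tcp any host 192.0.2.12 eq https (hitcnt=0) 0x99aabbcc
access-list OUTSIDE_IN line 3 extended deny ip any any log (hitcnt=87) 0xddeeff00
access-list DMZ_IN; 2 elements; name hash: 0x0badcafe
access-list DMZ_IN line 1 extended permit udp 198.51.100.0 255.255.255.0 any eq domain (hitcnt=0) 0x01020304
access-list DMZ_IN line 2 extended permit object-group SVC any object-group DB (hitcnt=0) 0x0a0b0c0d
  access-list DMZ_IN line 2 extended permit tcp any host 203.0.113.5 eq 1433 (hitcnt=4) 0x0e0f1011
"""

# One ACE line: optional indent (expanded entry), ACL name, line number, rule, hit count.
ACE = re.compile(r"^(?P<indent>\s*)access-list (?P<acl>\S+) line (?P<line>\d+) "
                 r"(?P<rule>.*?) \(hitcnt=(?P<hits>\d+)\)")

def unused_rules(show_output):
    """Return {acl: [(line_no, rule_text), ...]} for configured rules with zero hits."""
    hits = defaultdict(int)   # (acl, line) -> total hits, including expanded entries
    text = {}                 # (acl, line) -> configured (non-indented) rule text
    for raw in show_output.splitlines():
        m = ACE.match(raw)
        if not m:
            continue          # skips ACL header lines and anything unrecognised
        key = (m["acl"], int(m["line"]))
        hits[key] += int(m["hits"])
        if not m["indent"]:
            text[key] = m["rule"]
    report = defaultdict(list)
    for (acl, line), total in sorted(hits.items()):
        # A rule is reported only if the parent and every expanded entry show zero.
        if total == 0:
            report[acl].append((line, text.get((acl, line), "<expanded entry only>")))
    return dict(report)

if __name__ == "__main__":
    for acl, rules in unused_rules(SAMPLE).items():
        for line, rule in rules:
            print(f"{acl} line {line}: {rule}")
```

On a multi-context firewall, capture the output separately in each context and run the parser per capture, and compare results across more than one collection window before removing a rule that serves infrequent traffic.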