Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
798
Views
0
Helpful
1
Replies

FMC - Policy optimizer for unused policies & app id policies

donald.ashdown
Level 1
Level 1

‎12-06-2022 09:37 AM

Hi there,

I had a few questions here regarding the Cisco FMC.

 

1. Is there a means for exporting the firewall rules set and traffic logs?

2. Is there a built in policy optimizer that we can leverage to remove redundant and unused policies?

3. Is there an option to move from port based policies to app-id based policies? 

 

Kind regards,

0 Helpful
1 Reply 1

Milos_Jovanovic
VIP Alumni
VIP Alumni

‎12-07-2022 05:21 AM

Hi @donald.ashdown,

1. Please take a look at this post. Similarly, you can go to Connection Events and generate report from there.

2. Starting from v6.4, you can use hit counts option, to see if certain rules inside access and pre-filter policies are being hit or not. For redundant rules, I don't think there is any option yet.

3. Yes, you can use app-based policies instead of port based ones, and this is supported from early days of Firepower. Just keep in mind that you can't classify what you don't see - unless you are doing HTTPS decryption, you can't be sure if given app is classified as Facebook Chat or Facebook Post (in some cases it can still be possible, but not with 100% guarantee), while with port-based policies, it is quite clear and not required to decrypt traffic (you permit specific port, which is visible from L4 header).

Kind regards,
Milos

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card